angr (>=9.2.187 <=9.2.217), angr-management (>=9.2.187 <=9.2.217) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)

uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...

angr (>=9.2.187 <=9.2.217), angr-management (>=9.2.187 <=9.2.217) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)

uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...

angr (>=9.2.187 <=9.2.217), angr-management (>=9.2.187 <=9.2.217) +25 more potentially affected by unknown CVE via uefi-firmware (=1.11.0)

uefi-firmware PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on uefi-firmware and may be impacted: - angr =9.2.187, =9.2.187, =1.0.0rc2, =1.0.7, =1.0.4, =9.2.7, =0.0.1, =9.2.187, =1.0.3, =0.1.0, =2.3.2, =0.1.0, =0.1.5 and more Source...

Toxic_Flow_Analysis_Framework_For_Agentic_AI

Toxic Flow Analysis TFA Framework A Secure-by-Design framew...

GAPS: Guiding Dynamic Android Analysis with Static Path Synthesis

Dynamically resolving method reachability in Android applications remains a critical and largely unsolved problem. Despite notable advancements in GUI testing and static call graph construction, current tools are insufficient for reliably driving execution toward specific target methods, especial...

EUVD-2021-19525

Malware in sbrugna...

EUVD-2021-30909

Malicious code in bioql PyPI...

Intelligent ARP Spoofing Detection Using Multi-Layered Machine Learning (ML) Techniques for IoT Networks

Address Resolution Protocol ARP spoofing remains a critical threat to IoT networks, enabling attackers to intercept, modify, or disrupt data transmission by exploiting ARP's lack of authentication. The decentralized and resource-constrained nature of IoT environments amplifies this vulnerability,...

CVE-2021-32754

FlowDroid is a data flow analysis tool. FlowDroid versions prior to 2.9.0 contained an XML external entity XXE vulnerability that allowed an attacker who had control over the source/sink definition file in XML format to read files from external locations. In order for this to occur, the XML-based...

Tai-e - An Easy-To-Learn/Use Static Analysis Framework For Java

Tai-e What is Tai-e? Tai-e Chinese: 太阿; pronunciation: ˈtaɪə: is a new static analysis framework for Java please see our technical report for details, which features arguably the "best" designs from both the novel ones we proposed and those of classic frameworks such as Soot, WALA, Doop, and...

CVE-2021-44050

CA Network Flow Analysis NFA 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data...

CVE-2021-44050

CA Network Flow Analysis NFA 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data...

Sql injection

CA Network Flow Analysis NFA 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data...

CVE-2021-44050

CA Network Flow Analysis NFA 21.2.1 and earlier contain a SQL injection vulnerability in the NFA web application, due to insufficient input validation, that could potentially allow an authenticated user to access sensitive data...

CVE-2021-44050

CVE-2021-44050 concerns Broadcom CA Network Flow Analysis (NFA) version 21.2.1 and earlier. The connected sources specify a SQL injection vulnerability in the NFA web application caused by insufficient input validation, with an impact of potentially exposing sensitive data to an authenticated use...

Broadcom CA Network Flow Analysis SQL注入漏洞

Broadcom CA Network Flow Analysis is a network traffic monitoring solution from Broadcom Corporation USA. A SQL injection vulnerability exists in Broadcom CA Network Flow Analysis NFA version 21.2.1 and earlier, which could allow an authenticated attacker to access sensitive data...

CVE-2021-32754

FlowDroid is a data flow analysis tool. CVE-2021-32754 describes an XML External Entity (XXE) vulnerability in FlowDroid versions prior to 2.9.0, where an attacker who can control the XML-based source/sink definition file could read files from external locations. The vulnerability requires use of...

CVE-2021-32754 Improper Restriction of XML External Entity Reference in de.tud.sse

FlowDroid is a data flow analysis tool. FlowDroid versions prior to 2.9.0 contained an XML external entity XXE vulnerability that allowed an attacker who had control over the source/sink definition file in XML format to read files from external locations. In order for this to occur, the XML-based...

Caronte - A Tool To Analyze The Network Flow During Attack/Defence Capture The Flag Competitions

Caronte is a tool to analyze the network flow during capture the flag events of type attack/defence. It reassembles TCP packets captured in pcap files to rebuild TCP connections, and analyzes each connection to find user-defined patterns. The patterns can be defined as regex or using protocol...

Nagios Network Analyzer Self-XSS Vulnerability

Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A Self-XSS vulnerability exists in Nagios Network Analyzer versions prior to 2.4.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via...