Lucene search
+L

117 matches found

PyPA
PyPA
added 2026/07/07 10:17 a.m.5 views

pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...

7.5CVSS7.2AI score0.00816EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/07/07 10:17 a.m.4 views

PYSEC-2026-909 pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...

5.9CVSS6.1AI score0.00816EPSS
Exploits1References8
EUVD
EUVD
added 2026/07/01 5:54 p.m.5 views

EUVD-2022-49113

Open Babel has out-of-bounds write in MSI translationVectors...

9.8CVSS6.8AI score0.00863EPSS
Exploits1References5
OSV
OSV
added 2026/07/01 5:51 p.m.3 views

GHSA-JG3H-PV7C-4F9C Open Babel has out-of-bounds write in Gaussian translationVectors[]

Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The Gaussian reader stored periodic-cell translation vectors into a fixed-size translationVectors array. A...

7.8CVSS6.7AI score0.00816EPSS
Exploits1References6
OSV
OSV
added 2026/07/01 5:44 p.m.4 views

GHSA-VR3P-GG26-45V9 Open Babel has out-of-bounds write in Gaussian coords_type orientation parser

Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coordstype orientation parser inside the Gaussian output reader. A malformed orientation block caused the parser to write past...

7.8CVSS6.7AI score0.00704EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2026/06/04 2:42 a.m.12 views

SUSE CVE-2022-46295

Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...

7.8CVSS7.1AI score0.00863EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in gaussianblur at libavfilter/vfedgedetect.c, which may lead to memory corruption and other potential issues...

8.8CVSS6.8AI score0.01833EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow through the ffgaussianblur8 function in libavfilter/edgetemplate.c:116:5 component...

8CVSS7.1AI score0.00438EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.13 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/vfedgedetect.c within the gaussianblur module. This vulnerability may lead to memory corruption and other potential issues...

8.8CVSS6.7AI score0.01833EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.11 views

Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection

Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/11 12:0 a.m.7 views

Organizational Security Resource Estimation Via Vulnerability Queueing

We provide an approach that closely estimates an organization's cyber resources directly from vulnerability timestamps, using a non-stationary queueing framework. Traditional attack-surface metrics operate on static snapshots, ignoring the core attack-defense dynamics within information systems,...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.3 views

Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/19 8:44 p.m.6 views

@hotosm/id (>=2.18.1 <=2.34.0), @janefeel/id (>=2.35.0-dev <=2.35.23) +6 more potentially affected by CVE-2026-27210 via pannellum (=2.5.6)

pannellum NPM version =2.5.6 is affected by a known vulnerability. The following packages have a transitive dependency on pannellum and may be impacted: - @hotosm/id =2.18.1, =2.35.0-dev, =2.35.25, =2.18.5, =2.1.0, =2.33.0, =2.33.3 Source cves: CVE-2026-27210 Source advisory:...

6.1CVSS5.7AI score0.00319EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/03 12:0 a.m.12 views

Reference-Free EM Validation Flow for Detecting Triggered Hardware Trojans

Hardware Trojans HTs threaten the trust and reliability of integrated circuits ICs, particularly when triggered HTs remain dormant during standard testing and activate only under rare conditions. Existing electromagnetic EM side-channel-based detection techniques often rely on golden references o...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.4 views

Reference-Free Spectral Analysis of EM Side-Channels for Always-On Hardware Trojan Detection

Always-on hardware Trojans HTs pose a critical risk to trusted microelectronics, yet most side-channel detection methods rely on unavailable golden references. We present a reference-free approach that combines time-frequency EM analysis with Gaussian Mixture Models GMMs. By applying Short-Time...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/10 12:0 a.m.10 views

SecureDyn-FL: A Robust Privacy-Preserving Federated Learning Framework for Intrusion Detection in IoT Networks

The rapid proliferation of Internet of Things IoT devices across domains such as smart homes, industrial control systems, and healthcare networks has significantly expanded the attack surface for cyber threats, including botnet-driven distributed denial-of-service DDoS, malware injection, and dat...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/19 12:0 a.m.6 views

MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification

Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/17 12:0 a.m.6 views

Random Coding for Long-Range Continuous-Variable QKD

Quantum Key Distribution QKD schemes are key exchange protocols based on the physical properties of quantum channels. They avoid the computational-hardness assumptions that underlie the security of classical key exchange. Continuous-Variable QKD CVQKD, in contrast to qubit-based discrete-variable...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/01 12:0 a.m.3 views

An Introductory Review of the Theory of Continuous-Variable Quantum Key Distribution: Fundamentals, Protocols, and Security

Continuous-variable quantum key distribution CV-QKD has emerged as a promising approach for secure quantum communication, offering advantages such as high key generation rates, compatibility with standard telecommunication infrastructure, and potential for integration on photonic chips. This revi...

6.8AI score
Exploits0
OSV
OSV
added 2025/10/19 7:8 p.m.2 views

JLSEC-2025-131 FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function ...

FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ffgaussianblur8 function in libavfilter/edgetemplate.c:116:5 component...

8CVSS7.4AI score0.00438EPSS
Exploits1References11
Rows per page
Query Builder