683 matches found
EUVD-2006-0808
Malware in sbrugna...
EUVD-2014-0154
Malware in sbrugna...
MulVuln: Enhancing Pre-Trained LMs with Shared and Language-Specific Knowledge for Multilingual Vulnerability Detection
Software vulnerabilities SVs pose a critical threat to safety-critical systems, driving the adoption of AI-based approaches such as machine learning and deep learning for software vulnerability detection. Despite promising results, most existing methods are limited to a single programming languag...
EUVD-2023-56052
Malicious code in bioql PyPI...
EUVD-2024-50968
Malicious code in bioql PyPI...
EUVD-2023-52861
Malicious code in bioql PyPI...
EUVD-2022-48720
Malicious code in bioql PyPI...
EUVD-2022-44361
Malicious code in bioql PyPI...
EUVD-2022-35484
Malicious code in bioql PyPI...
EUVD-2023-40981
Malicious code in bioql PyPI...
EUVD-2023-33392
Malicious code in bioql PyPI...
CVE-2025-55211
FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel ACP can run arbitrary shell commands by maliciously changing languages of the framework module. This vulnerability is fixed in 17.0.21...
PT-2025-37763
Name of the Vulnerable Software and Affected Versions: FreePBX versions 17.0.19.11 through 17.0.20 Description: FreePBX is a web-based graphical user interface. Authenticated users of the Administrator Control Panel ACP can execute arbitrary shell commands by manipulating the framework module's...
Trust Me, I Know This Function: Hijacking LLM Static Analysis Using Bias
Large Language Models LLMs are increasingly trusted to perform automated code review and static analysis at scale, supporting tasks such as vulnerability detection, summarization, and refactoring. In this paper, we identify and exploit a critical vulnerability in LLM-based code analysis: an...
CryptoScope: Utilizing Large Language Models for Automated Cryptographic Logic Vulnerability Detection
Cryptographic algorithms are fundamental to modern security, yet their implementations frequently harbor subtle logic flaws that are hard to detect. We introduce CryptoScope, a novel framework for automated cryptographic vulnerability detection powered by Large Language Models LLMs. CryptoScope...
Symbolic Execution in Practice: a Survey of Applications in Vulnerability, Malware, Firmware, and Protocol Analysis
Symbolic execution is a powerful program analysis technique that allows for the systematic exploration of all program paths. Path explosion, where the number of states to track becomes unwieldy, is one of the biggest challenges hindering symbolic execution's practical application. To combat this,...
Multilingual Source Tracing of Speech Deepfakes: a First Benchmark
Recent progress in generative AI has made it increasingly easy to create natural-sounding deepfake speech from just a few seconds of audio. While these tools support helpful applications, they also raise serious concerns by making it possible to generate convincing fake speech in many languages...
Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development
This report, released by NSA and CISA, acknowledges the challenges and aims to provide a balanced view of the state of MSLs. Reducing memory safety vulnerabilities requires understanding when MSLs are appropriate, knowing how to adopt them effectively, and recognizing where non-MSLs remain...
What LLMs Know About Their Users
Simon Willison talks about ChatGPT's new memory dossier feature. In his explanation, he illustrates how much the LLM--and the company--knows about its users. It's a big quote, but I want you to read it all. Here's a prompt you can use to give you a solid idea of what's in that summary. I first sa...
New Guidance Released for Reducing Memory-Related Vulnerabilities
Today, CISA, in partnership with the National Security Agency NSA, released a joint guide on reducing memory-related vulnerabilities in modern software development. Memory safety vulnerabilities pose serious risks to national security and critical infrastructure. Adopting memory safe languages MS...