Lucene search
K

65 matches found

CVE
CVE
added 2026/04/07 7:56 p.m.11 views

CVE-2025-14857

CVE-2025-14857 affects Semtech LoRa LR11xxx transceivers on early firmware versions. The flaw is an improper access control: memory write via the physical SPI interface does not enforce write protection on the program call stack, enabling overwriting of stack memory and limited arbitrary code exe...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Semtech LR11xx LoRa 安全漏洞

Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. There are security vulnerabilities in Semtech LR11xx LoRa. These vulnerabilities stem from improper access control in earlier firmware versions, which may allow attackers with...

5.4CVSS6AI score0.00243EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-30995

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.7 views

Semtech LR11xx LoRa 安全漏洞

Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. There are security vulnerabilities in Semtech LR11xx LoRa; these vulnerabilities stem from information leaks in earlier firmware versions, which could allow attackers to bypass the...

5.1CVSS5.8AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Semtech LR11xx LoRa 安全漏洞

Semtech LR11xx LoRa is a series of low-power wireless communication chips developed by the American company Semtech. The Semtech LR11xx LoRa device has a security vulnerability, which stems from the use of non-standard encryption hash algorithms that are vulnerable to secondary image attacks. Thi...

7CVSS5.8AI score0.0011EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.6 views

PT-2026-30994

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References3
Packet Storm News
Packet Storm News
added 2025/10/24 12:0 a.m.28 views

Jailbreak Mimicry: Automated Discovery of Narrative-Based Jailbreaks for Large Language Models

Large language models LLMs remain vulnerable to sophisticated prompt engineering attacks that exploit contextual framing to bypass safety mechanisms, posing significant risks in cybersecurity applications. We introduce Jailbreak Mimicry, a systematic methodology for training compact attacker mode...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/09 12:0 a.m.5 views

Bloodroot: When Watermarking Turns Poisonous for Stealthy Backdoor

Backdoor data poisoning is a crucial technique for ownership protection and defending against malicious attacks. Embedding hidden triggers in training data can manipulate model outputs, enabling provenance verification, and deterring unauthorized use. However, current audio backdoor methods are...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-25314

Malware in sbrugna...

5CVSS5.4AI score0.00947EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-48127

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00717EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-48128

Malicious code in bioql PyPI...

3.5CVSS5AI score0.0022EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2025/09/18 12:0 a.m.5 views

SecureFixAgent: a Hybrid LLM Agent for Automated Python Static Vulnerability Repair

Modern software development pipelines face growing challenges in securing large codebases with extensive dependencies. Static analysis tools like Bandit are effective at vulnerability detection but suffer from high false positives and lack repair capabilities. Large Language Models LLMs, in...

6.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/31 12:0 a.m.4 views

PT-2025-32493 · Pypi · Ms-Swift

This appears to be a security vulnerability report describing a remote code execution RCE exploit in the ms-swift framework through malicious pickle deserialization in adapter model files. The vulnerability allows arbitrary command execution when loading specially crafted adapter models from...

7.5CVSS8AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 10:45 p.m.9 views

CVE-2022-45228

Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...

3.5CVSS7.4AI score0.0022EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:46 p.m.12 views

CVE-2022-45227

The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. This address has a backup file which can be downloaded without any authentication...

7.5CVSS6.9AI score0.00717EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 p.m.10 views

CVE-2020-28349

An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees...

6.8CVSS6.8AI score0.02175EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/04/25 12:0 a.m.90 views

Automating Function-Level TARA for Automotive Full-Lifecycle Security

As modern vehicles evolve into intelligent and connected systems, their growing complexity introduces significant cybersecurity risks. Threat Analysis and Risk Assessment TARA has therefore become essential for managing these risks under mandatory regulations. However, existing TARA automation...

6.7AI score
Exploits0
CVE
CVE
added 2024/05/10 5:7 p.m.126 views

CVE-2024-34359

CVE-2024-34359 affects llama-cpp-python (Python bindings for llama.cpp). The vulnerability arises when init loads a model’s chat template from the gguf metadata and constructs self.chat_handler via llama_chat_format.Jinja2ChatFormatter.to_chat_handler(), using a sandbox-less Jinja2 Environment. R...

9.6CVSS7.8AI score0.2842EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2023/02/13 7:27 a.m.6 views

lora-solutions.com Cross Site Scripting vulnerability OBB-3193068

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/12/12 3:15 a.m.7 views

CVE-2022-45228

Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page...

3.5CVSS5.8AI score0.0022EPSS
Exploits1References1
Rows per page
Query Builder