SDLLMFuzz: Dynamic-Static LLM-Assisted Greybox Fuzzing for Structured Input Programs

Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on mutation-based strategies and coarse-grained coverage feedbac...

RandSet: Randomized Corpus Reduction for Fuzzing Seed Scheduling

Seed explosion is a fundamental problem in fuzzing seed scheduling, where a fuzzer maintains a huge corpus and fails to choose promising seeds. Existing works focus on seed prioritization but still suffer from seed explosion since corpus size remains huge. We tackle this from a new perspective:...

PBFuzz: Agentic Directed Fuzzing for PoV Generation

Proof-of-Vulnerability PoV input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: 1 reachability constraints for reaching vulnerable code locations, and ...

EUVD-2024-21843

Malicious code in bioql PyPI...

EUVD-2024-21839

Malicious code in bioql PyPI...

EUVD-2023-40952

Malicious code in bioql PyPI...

EUVD-2024-21841

Malicious code in bioql PyPI...

EUVD-2023-40958

Malicious code in bioql PyPI...

EUVD-2024-21836

Malicious code in bioql PyPI...

EUVD-2023-40948

Malicious code in bioql PyPI...

MAL-2025-8777 Malicious code in @malware-test-magma-lunes-knows-kudos/test-mlw3-magma-lunes-knows-kudos (npm)

The package @malware-test-magma-lunes-knows-kudos/test-mlw3-magma-lunes-knows-kudos was found to contain malicious code...

MAL-2025-35931 Malicious code in test-mlw2-owing-studs-magma-lezzy (npm)

The package test-mlw2-owing-studs-magma-lezzy was found to contain malicious code...

MAL-2025-35946 Malicious code in test-mlw2-parky-whoas-nieve-magma (npm)

The package test-mlw2-parky-whoas-nieve-magma was found to contain malicious code...

Malicious code in test-mlw2-owing-studs-magma-lezzy (npm)

The package test-mlw2-owing-studs-magma-lezzy was found to contain malicious code...

Malicious code in @malware-test-magma-lunes-knows-kudos/test-mlw3-magma-lunes-knows-kudos (npm)

The package @malware-test-magma-lunes-knows-kudos/test-mlw3-magma-lunes-knows-kudos was found to contain malicious code...

Malicious code in test-mlw2-parky-whoas-nieve-magma (npm)

The package test-mlw2-parky-whoas-nieve-magma was found to contain malicious code...

CVE-2024-24417

The Linux Foundation Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 was discovered to contain a buffer overflow in the decodeprotocolconfigurationoptions function at /3gpp/3gpp24.008smies.c. This vulnerability allows attackers to cause a Denial of Service DoS via a...

CVE-2024-24418

The Linux Foundation Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 was discovered to contain a buffer overflow in the decodepdnaddress function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted NAS packet...

CVE-2024-24421

A type confusion in the nasmessagedecode function of Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows attackers to execute arbitrary code or cause a Denial of Service DoS via a crafted NAS packet...

CVE-2024-24419

The Linux Foundation Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 was discovered to contain a buffer overflow in the decodetrafficflowtemplatepacketfilter function at /3gpp/3gpp24.008smies.c. This vulnerability allows attackers to cause a Denial of Service DoS via a...