127 matches found
EUVD-2023-41142
Malicious code in bioql PyPI...
EUVD-2024-45849
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2014-0085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local...
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Linux Distros Unpatched Vulnerability : CVE-2018-19871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption. CVE-2018-19871 Note that Nessus relies on the presence of the...
Image Selective Encryption Analysis Using Mutual Information in CNN Based Embedding Space
As digital data transmission continues to scale, concerns about privacy grow increasingly urgent - yet privacy remains a socially constructed and ambiguously defined concept, lacking a universally accepted quantitative measure. This work examines information leakage in image data, a domain where...
Linux Distros Unpatched Vulnerability : CVE-2021-3491
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin...
CASCADE: LLM-Powered JavaScript Deobfuscator at Google
Software obfuscation, particularly prevalent in JavaScript, hinders code comprehension and analysis, posing significant challenges to software testing, static analysis, and malware detection. This paper introduces CASCADE, a novel hybrid approach that integrates the advanced coding capabilities o...
Exploit for Prototype Pollution in Naver Billboard.Js
💥 CVE-2025-49223 - Prototype Pollution in Billboard.js bill...
CVE-2024-52344
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeies Pvt Ltd Provide Forex Signals provide-forex-signals allows Stored XSS.This issue affects Provide Forex Signals: from n/a through = 1.0...
CVE-2023-23286
Cross Site Scripting XSS vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form...
CVE-2020-11706
An issue was discovered in ProVide formerly zFTPServer through 13.1. The Admin Interface allows CSRF for actions such as: Change any username and password, admin ones included; Create/Delete users; Enable/Disable Services; Set a rogue update proxy; and Shutdown the server...
CVE-2020-11704
An issue was discovered in ProVide formerly zFTPServer through 13.1. The Admin Web Interface has Multiple Stored and Reflected XSS. GetInheritedProperties is Reflected via the groups parameter. GetUserInfo is Reflected via POST data. SetUserInfo is Stored via the general parameter...
CVE-2020-11702
An issue was discovered in ProVide formerly zFTPServer through 13.1. The User Web Interface has Multiple Stored and Reflected XSS issues. Collaborate is Reflected via the filename parameter. Collaborate is Stored via the displayname parameter. Deletemultiple is Reflected via the files parameter...
CVE-2020-11707
An issue was discovered in ProVide formerly zFTPServer through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user non-admin can craft a Junction Link in a directory he has full control of, breaking out of the sandbox...
CVE-2020-11705
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/ImportCertificate allows an attacker to load an arbitrary certificate in .pfx format or overwrite arbitrary files via the fileName parameter...
CVE-2020-11703
An issue was discovered in ProVide formerly zFTPServer through 13.1. /ajax/GetInheritedProperties allows HTTP Response Splitting via the language parameter...
CVE-2020-11708
An issue was discovered in ProVide formerly zFTPServer through 13.1. Privilege escalation can occur via the /ajax/SetUserInfo messages parameter because of the EXECUTE feature, which is for executing programs when certain events are triggered...
Enhancing Meme Token Market Transparency: a Multi-Dimensional Entity-Linked Address Analysis for Liquidity Risk Evaluation
Meme tokens represent a distinctive asset class within the cryptocurrency ecosystem, characterized by high community engagement, significant market volatility, and heightened vulnerability to market manipulation. This paper introduces an innovative approach to assessing liquidity risk in meme tok...
BELL-CVE-2025-1182
Bulletin has no description...