1958 matches found
EUVD-2023-28967
Malicious code in bioql PyPI...
EUVD-2024-21255
Malicious code in bioql PyPI...
LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits
We present LegalSim, a modular multi-agent simulation of adversarial legal proceedings that explores how AI systems can exploit procedural weaknesses in codified rules. Plaintiff and defendant agents choose from a constrained action space, for example, discovery requests, motions, meet-and-confer,...
Pentesting-Assistant
Pentesting-Assistant AI-powered penetration testing assist...
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions
Car makers don't trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design specs don't prove survival. Crash tests do. They separate theory from reality. Cybersecurity is no different. Dashboards overflow with "critical" exposure alerts...
Malicious code in com.unity.simulation.core (npm)
MAL-2025-47637 Malicious code in com.unity.simulation.core (npm)
Malicious code in com.unity.simulation.capture (npm)
MAL-2025-47636 Malicious code in com.unity.simulation.capture (npm)
End-To-End Co-Simulation Testbed for Cybersecurity Research and Development in Intelligent Transportation Systems
Intelligent Transportation Systems (ITS) have been widely deployed across major metropolitan regions worldwide to improve roadway safety, optimize traffic flow, and reduce environmental impacts. These systems integrate advanced sensors, communication networks, and data analytics to enable real-time...
Realistic Environmental Injection Attacks on GUI Agents
GUI agents built on LVLMs are increasingly used to interact with websites. However, their exposure to open-world content makes them vulnerable to Environmental Injection Attacks (EIAs) that hijack agent behavior via webpage elements. Many recent studies assume the attacker to be a regular user who...
DEBIAN-CVE-2025-58143
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
CVE-2025-58143 Multiple vulnerabilities in the Viridian interface
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
A Cyber-Twin Based Honeypot for Gathering Threat Intelligence
Critical Infrastructure (CI) is prone to cyberattacks. Several techniques have been developed to protect CI against such attacks. In this work, we describe a honeypot based on a cyber twin for a water treatment plant. The honeypot is intended to serve as a realistic replica of a water treatment pla...
Efficient QKD in Non-Ideal Scenarios with User-Defined Output Length Requirements
Quantum Key Distribution (QKD) enables two parties to securely share encryption keys by leveraging the principles of quantum mechanics, offering protection against eavesdropping. In practical implementations, QKD systems often rely on a layered architecture where a key manager stores secret key...
PUB-A-394583415
In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Integrated Simulation Framework for Adversarial Attacks on Autonomous Vehicles
Autonomous vehicles (AVs) rely on complex perception and communication systems, making them vulnerable to adversarial attacks that can compromise safety. While simulation offers a scalable and safe environment for robustness testing, existing frameworks typically lack comprehensive support for...
Microarchitecture Design and Benchmarking of Custom SHA-3 Instruction for RISC-V
Integrating cryptographic accelerators into modern CPU architectures presents unique microarchitectural challenges, particularly when extending instruction sets with complex and multistage operations. Hardware-assisted cryptographic instructions, such as Intel's AES-NI and ARM's custom instructio...
A Comprehensive Review of Denial of Wallet Attacks in Serverless Architectures
The Denial of Wallet (DoW) attack poses a unique and growing threat to serverless architectures that rely on Function-as-a-Service (FaaS) models, exploiting the cost structure of pay-as-you-go billing to financially burden application owners. Unlike traditional Denial of Service (DoS) attacks, which ai...