Lucene search
K

881 matches found

OSV
OSV
added 2025/08/22 4:15 p.m.2 views

UBUNTU-CVE-2025-29365

spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READSTRINGSYSCALL...

9.8CVSS5.8AI score0.00464EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/08/22 12:0 a.m.3 views

CVE-2025-29365

spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READSTRINGSYSCALL...

7.1AI score0.00464EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the...

5.5CVSS6.6AI score0.00158EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2025/07/29 7:11 p.m.6 views

@freon4dsl/server (>=2.0.0-beta.1 <=2.0.0-beta.5), @tachybase/engine (>=1.0.21 <=1.1.2) +3 more potentially affected by CVE-2025-54420 +1 more via koa (=3.0.0)

koa NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @freon4dsl/server =2.0.0-beta.1, =1.0.21, =1.3.7, =1.4.0, =15.4.0, =15.4.2 Source cves: CVE-2025-54420, CVE-2025-8129 Source advisory:...

6.1CVSS5.8AI score0.00229EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/03 7:41 p.m.3 views

Malicious code in pricing-simulator-lib (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c1139ad289202a8351450be1d1d9c57ca94946b8d066fbee4fa70796cc7853 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/07/03 7:41 p.m.2 views

MAL-2025-5822 Malicious code in pricing-simulator-lib (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c1139ad289202a8351450be1d1d9c57ca94946b8d066fbee4fa70796cc7853 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/28 3:17 p.m.8 views

CVE-2025-52573

iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...

6CVSS7.6AI score0.00658EPSS
Exploits0References1
NVD
NVD
added 2025/06/26 2:15 p.m.9 views

CVE-2025-52573

iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...

6CVSS0.00658EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/26 2:8 p.m.4 views

CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp

iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...

6CVSS7.6AI score0.00658EPSS
Exploits0References4
CVE
CVE
added 2025/06/26 2:8 p.m.30 views

CVE-2025-52573

CVE-2025-52573 affects the iOS Simulator MCP Server (ios-simulator-mcp). The vulnerability arises in the MCP Server’s tool definitions (notably the ui_tap tool) which rely on Node.js child process API exec. When untrusted input is used for parameters such as duration, udid, x, and y, shell meta-c...

6CVSS7.6AI score0.00658EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/26 2:8 p.m.11 views

CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp

iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...

6CVSS0.00658EPSS
Exploits0References4
OSV
OSV
added 2025/06/26 2:8 p.m.6 views

CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp

iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...

6CVSS7.3AI score0.00658EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/06/26 12:0 a.m.2 views

CyGym: a Simulation-Based Game-Theoretic Analysis Framework for Cybersecurity

We introduce a novel cybersecurity encounter simulator between a network defender and an attacker designed to facilitate game-theoretic modeling and analysis while maintaining many significant features of real cyber defense. Our simulator, built within the OpenAI Gym framework, incorporates...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.3 views

iOS Simulator MCP Server 操作系统命令注入漏洞

iOS Simulator MCP Server is an MCP server for interacting with iOS Simulator by Joshua Yoes, an individual developer. An operating system command injection vulnerability exists in iOS Simulator MCP Server versions prior to 1.3.3, which stems from a command injection vulnerability in some MCP Serv...

6CVSS7AI score0.00658EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.7 views

PT-2025-26970 · Apple · Ios Simulator Mcp Server

Name of the Vulnerable Software and Affected Versions: iOS Simulator MCP Server versions prior to 1.3.3 Description: The issue concerns a command injection vulnerability in the MCP Server tool definition and implementation. The MCP Server exposes the tool ui tap, which relies on the Node.js child...

6CVSS7.8AI score0.00658EPSS
Exploits0References9
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.3 views

Algorithmic Approaches to Enhance Safety in Autonomous Vehicles: Minimizing Lane Changes and Merging

The rapid advancements in autonomous vehicle AV technology promise enhanced safety and operational efficiency. However, frequent lane changes and merging maneuvers continue to pose significant safety risks and disrupt traffic flow. This paper introduces the Minimizing Lane Change Algorithm MLCA, ...

7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2025/06/17 12:0 a.m.3 views

Delta Electronics COMMGR Insufficient Randomization Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PLC simulator service, which listens on TCP port 8895 by default. By...

9.8CVSS9.6AI score0.00624EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:17 a.m.2 views

CVE-2023-30967

Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system...

9.8CVSS6.8AI score0.00616EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.7 views

CVE-2023-34314

Insecure inherited permissions in some IntelR Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.1AI score0.00177EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.7 views

CVE-2023-47583

Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file X1 or V9 file, information may be disclosed and/or arbitrary code may be executed...

7.8CVSS7.3AI score0.00308EPSS
Exploits0References1
Rows per page
Query Builder