7198 matches found
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7626 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8885 Source...
From Discovery to Testing: Akamai and Snyk Deliver Seamless API Security
...
Linux Distros Unpatched Vulnerability : CVE-2024-39510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read We got the following iss...
Linux Distros Unpatched Vulnerability : CVE-2025-37773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a...
Security Analysis of ChatGPT: Threats and Privacy Risks
As artificial intelligence technology continues to advance, chatbots are becoming increasingly powerful. Among them, ChatGPT, launched by OpenAI, has garnered widespread attention globally due to its powerful natural language processing capabilities based on the GPT model, which enables it to...
Exploit for OS Command Injection in Kemptechnologies Loadmaster
CVE-2024-7591-PoC These PoC python scripts test the Kemp LoadM...
Linux Distros Unpatched Vulnerability : CVE-2025-37916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pds_core: remove write-after-free of client_id A use-after-free error popped up in stress...
Power Pwn 4.0.1
Power Pwn is a powerful open‑source toolset designed for red‑teaming and security testing within the Microsoft 365 environment, particularly around Copilot, Copilot Studio, and the Power Platform...
Exploit for Improper Handling of Exceptional Conditions in Apache Struts
pocsuite3 Legal Disclaimer Usage of pocsuite3 for attacking targets without prior mutual consent is illegal. pocsuite3 is for security testing purposes only Overview pocsuite3 is an open-sourced remote vulnerability testing and...
CVE-2024-58238
In the Linux kernel Bluetooth btnxpuart driver, CVE-2024-58238, a race during power-save UART break handling could cause a TX timeout when two HCI commands timed with the 2-second power-save window occurred during extended stress tests. The issue was mitigated by adding a ps_lock mutex around UAR...
Linux Distros Unpatched Vulnerability : CVE-2024-56676
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annotated with free Variables annotated with fre...
Exploit for Code Injection in Xwiki
PoC for CVE-2025-24893 — XWiki Remote Code Execution Safe PoC...
LMeterX Path Traversal Vulnerability
LMeterX is an open source professional load testing program for any LLM API by MigoXLab. A path traversal vulnerability exists in LMeterX version 1.2.0, which stems from incorrect manipulation of the parameter taskid in the file backend/service/uploadservice.py resulting in path traversal...
Malicious code in raknet-testing-package2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26ae7cefa4b8ebaf16a44f6d3c42c1fd6dbacda884e5b03b06da5ff237d7435 During installation, the package attempts to install its own MITM proxy without the user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
MAL-2025-41730 Malicious code in raknet-testing-package2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d26ae7cefa4b8ebaf16a44f6d3c42c1fd6dbacda884e5b03b06da5ff237d7435 During installation, the package attempts to install its own MITM proxy without the user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
Malicious code in raknet-testing-package (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9f558ab07d5858b728bc43a5a17c5eff73b0413f2d871ac3bc33b1b8c30a6ef5 During installation, the package attempts to install its own MITM proxy without the user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
MAL-2025-41729 Malicious code in raknet-testing-package (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9f558ab07d5858b728bc43a5a17c5eff73b0413f2d871ac3bc33b1b8c30a6ef5 During installation, the package attempts to install its own MITM proxy without the user's consent and hijack all requests --- Category: MALICIOUS - The campaign h...
AI wrote my code and all I got was this broken prototype
Welcome to this week's edition of the Threat Source newsletter. Vulnerabilities within software are a persistent challenge. Software engineers inadvertently tend to make the same mistakes repeatedly, with the same entries appearing in the annual top 25 list of Common Weakness Enumerations each...
Malicious code in sendbird-uikit-testing-tools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ca3c517cac33d5fa40994b1304bd775f28b7cc7abbe7781a8f98db43839a47ab The OpenSSF Package Analysis project identified 'sendbird-uikit-testing-tools' @ 1019.0.1 npm as malicious. It is considered malicious because: ...
An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life (Part 1)
Building the Bench This is the first in a three part series on building and using a testing bench for ICS systems. In this series we will build a physical test bench, review program logic to find flaws, perform manual exploitation of commonly used ICS protocols such as Modbus, then develop malwar...