4299 matches found

CNNVD
added 2025/12/04 12:0 a.m., 2 views

Taiko Alethia cross-site scripting vulnerability

Taiko Alethia is an open source Taiko Labs collection of software for implementing the Ethernet-based ZK-EVM Rollup protocol for the Taiko Layer 2 network. A cross-site scripting vulnerability exists in Taiko Alethia version 3.2.41.10.26, which stems from the presence of cross-site script injecti...

CVSS 5.4 | AI score 6.4 | EPSS 0.00024
Exploits: 1 | References: 4
EUVD
added 2025/12/02 6:30 p.m., 2 views

EUVD-2025-200306

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a JSON document...

CVSS 5.3 | AI score 5.9 | EPSS 0.00025
Exploits: 0 | References: 2
Packet Storm News
added 2025/12/02 12:0 a.m., 4 views

A Wolf in Sheep's Clothing: Bypassing Commercial LLM Guardrails Via Harmless Prompt Weaving and Adaptive Tree Search

Large language models (LLMs) remain vulnerable to jailbreak attacks that bypass safety guardrails to elicit harmful outputs. Existing approaches overwhelmingly operate within the prompt-optimization paradigm: whether through traditional algorithmic search or recent agent-based workflows, the...

AI score 7.1
Exploits: 0
Positive Technologies
added 2025/12/02 12:0 a.m., 3 views

PT-2025-48751

Name of the Vulnerable Software and Affected Versions: Lookyloo versions prior to 1.35.3. Description: Lookyloo is a web interface used to capture website pages and display a tree of domains that interact with each other. Prior to version 1.35.3, multiple Cross-Site Scripting (XSS) issues exist due to...

CVSS 6.1 | AI score 6 | EPSS 0.00025
Exploits: 0 | References: 6
Positive Technologies
added 2025/11/25 10:25 a.m., 5 views

PT-2025-41: The Twinkly Light Tree 3D firmware uses a vulnerable Blufi library

The vulnerability was identified in the Twinkly Light Tree 3D firmware, 2.8.18. An attacker within Bluetooth range, with physical access to a device running firmware prior to 2.9.0 and provisioning mode manually re-enabled could, in an attack scenario, interfere with the provisioning exchange and...

CVSS 8.8 | AI score 5.8 | EPSS 0.00061
Exploits: 0 | References: 1
Packet Storm News
added 2025/11/23 12:0 a.m., 9 views

LLMs As Firmware Experts: A Runtime-Grown Tree-Of-Agents Framework

Large Language Models (LLMs) and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the binary nature of firmware, complex dependency structures, a...

AI score 7.1
Exploits: 0
Packet Storm News
added 2025/11/22 12:0 a.m., 3 views

Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway

As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System (IDS) framework that integrate...

AI score 6.9
Exploits: 0
Microsoft CVE
added 2025/11/21 1:1 a.m., 4 views

ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock

...

CVSS 5.5 | AI score 7 | EPSS 0.00074
Exploits: 0
RedhatCVE
added 2025/11/20 9:36 p.m., 4 views

CVE-2025-65095

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1...

CVSS 9.4 | AI score 6.1 | EPSS 0.0006
Exploits: 0 | References: 1
Tenable Nessus
added 2025/11/20 12:0 a.m., 2 views

Google Chrome < 4.5.103.29 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.5.103.29. It is, therefore, affected by multiple vulnerabilities as referenced in the 201509stable-channel-update advisory. - Multiple unspecified vulnerabilities in Google Chrome before 45.0.2454.85 allow attackers to...

CVSS 7.5 | AI score 8.6 | EPSS 0.01872
Exploits: 2 | References: 22
NVD
added 2025/11/19 6:15 p.m., 5 views

CVE-2025-65095

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1...

CVSS 9.4 | EPSS 0.0006
Exploits: 0 | References: 4
EUVD
added 2025/11/19 5:38 p.m., 3 views

EUVD-2025-198237

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1...

CVSS 9.4 | AI score 5.6 | EPSS 0.0006
Exploits: 0 | References: 4
CVE
added 2025/11/19 5:38 p.m., 11 views

CVE-2025-65095

CVE-2025-65095 affects Lookyloo (web interface for capturing pages and displaying a domain-call tree). The vulnerability is a cross-site scripting issue originating from insufficient input sanitization on the index and tree pages in versions prior to 1.35.1. Exploitation details are not provided ...

CVSS 9.4 | AI score 5.8 | EPSS 0.0006
Exploits: 0 | References: 4
OSV
added 2025/11/19 5:38 p.m., 3 views

CVE-2025-65095 Lookyloo is vulnerable due to improper user input sanitization

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1...

CVSS 9.4 | AI score 6.1 | EPSS 0.0006
Exploits: 0 | References: 6
CNNVD
added 2025/11/19 12:0 a.m., 2 views

Lookyloo cross-site scripting vulnerability

Lookyloo is a website capture tool from Lookyloo open source. A cross-site scripting vulnerability exists in Lookyloo versions prior to 1.35.1, which stems from a potential cross-site scripting attack on the index and tree pages...

CVSS 9.4 | AI score 5.9 | EPSS 0.0006
Exploits: 0 | References: 4
Positive Technologies
added 2025/11/19 12:0 a.m., 3 views

PT-2025-47512

Name of the Vulnerable Software and Affected Versions: Lookyloo versions prior to 1.35.1. Description: Lookyloo, a web interface for capturing website pages and displaying domain call trees, contains a potential cross-site scripting issue on the index and tree pages. This allows for full DOM takeove...

CVSS 9.4 | AI score 6 | EPSS 0.0006
Exploits: 0 | References: 8
RedHat Linux
added 2025/11/18 9:2 a.m., 1 view

kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling. This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc_change_class when...

CVSS 7.8 | AI score 6.7 | EPSS 0.00037
Exploits: 0 | References: 5
Packet Storm News
added 2025/11/18 12:0 a.m., 3 views

A Unified Compositional View of Attack Tree Metrics

Attack trees (ATs) are popular graphical models for reasoning about the security of complex systems, allowing for the quantification of risk through so-called AT metrics. A large variety of different such AT metrics have been proposed, and despite their wide-spread practical use, no systematic...

AI score 6.9
Exploits: 0
Tenable Nessus
added 2025/11/18 12:0 a.m., 5 views

Mozilla Firefox ESR < 52.2

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 52.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-16 advisory. - A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer...

CVSS 9.8 | AI score 7.1 | EPSS 0.01874
Exploits: 6 | References: 21
Packet Storm News
added 2025/11/16 12:0 a.m., 2 views

Adaptive Dual-Layer Web Application Firewall (ADL-WAF) Leveraging Machine Learning for Enhanced Anomaly and Threat Detection

Web Application Firewalls are crucial for protecting web applications against a wide range of cyber threats. Traditional Web Application Firewalls often struggle to effectively distinguish between malicious and legitimate traffic, leading to limited efficacy in threat detection. To overcome these...

AI score 6.8
Exploits: 0