Lucene search
+L

322 matches found

Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26677

Name of the Vulnerable Software and Affected Versions libde265 versions prior to 1.0.17 Description libde265 is an open source implementation of the h.265 video codec. A malformed H.265 PPS NAL unit can cause a segmentation fault in the pic parameter set::set derived values function...

8.7CVSS5.8AI score0.00349EPSS
Exploits1References18
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/11 9:6 p.m.7 views

Malicious code in f0-abstraction-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224dc9dfb692343ce6baa1f2e8ce95e413f8a4d8d9991bea7c7272923cd7498c The package f0-abstraction-resolver was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/11 9:6 p.m.4 views

MAL-2026-1347 Malicious code in f0-abstraction-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 224dc9dfb692343ce6baa1f2e8ce95e413f8a4d8d9991bea7c7272923cd7498c The package f0-abstraction-resolver was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.4 views

SmartGraphical: A Human-In-The-Loop Framework for Detecting Smart Contract Logical Vulnerabilities Via Pattern-Driven Static Analysis and Visual Abstraction

Smart contracts are fundamental components of blockchain ecosystems; however, their security remains a critical concern due to inherent vulnerabilities. While existing detection methodologies are predominantly syntax-oriented, targeting reentrancy and arithmetic errors, they often overlook logica...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005619)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005619 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtasosterm It's unsafe to use rtasbusydelay to handle a busy...

5.5CVSS6AI score0.00149EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/02/19 8:45 p.m.9 views

2m (=1.2.5), a-api-server (=1.3.0) +3876 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)

flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.3.7.dev2 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...

4.3CVSS5.7AI score0.00374EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/11 7:22 a.m.7 views

CVE-2025-22873

A path traversal vulnerability has been identified in the Go os package affecting the Root abstraction, where improper handling of trailing path separators could allow access to the parent directory of a configured root directory. By supplying a filename ending in "../", an attacker may be able t...

5.3CVSS5.3AI score0.00238EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2026/02/06 12:0 a.m.4 views

KRONE: Hierarchical and Modular Log Anomaly Detection

Log anomaly detection is crucial for uncovering system failures and security risks. Although logs originate from nested component executions with clear boundaries, this structure is lost when they are stored as flat sequences. As a result, state-of-the-art methods risk missing true dependencies...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/02/03 11:57 p.m.6 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the dirFS filesystem abstraction. An attacker can perform unauthorized filesystem writes outside the intended base directory by supplying a crafted APK package containing malicious directory or symlink entrie...

7.5CVSS5.5AI score0.00369EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/03 11:57 p.m.4 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the dirFS filesystem abstraction. An attacker can perform unauthorized filesystem writes outside the intended base directory by supplying a crafted APK package containing malicious directory or symlink entrie...

7.5CVSS5.5AI score0.00369EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:17 a.m.6 views

CVE-2021-0547

In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. This could lead to local escalation of privilege that may result in undefined behavior in some HAL implementations with no additional...

7.8CVSS6.7AI score0.00108EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:43 a.m.21 views

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lmitemNum is out of range...

8.4CVSS7AI score0.00111EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/12/30 12:15 p.m.7 views

CVE-2022-50870

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...

5.3AI score0.00177EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.13 views

PT-2025-53988

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s powerpc/rtas component where the rtas os term function, called during kernel panic, could potentially hang the system if devtree lock is held. This...

7.8CVSS6.9AI score0.00462EPSS
Exploits2References898
Packet Storm News
Packet Storm News
added 2025/12/22 12:0 a.m.7 views

Energy-Efficient Multi-LLM Reasoning for Binary-Free Zero-Day Detection in IoT Firmware

Securing Internet of Things IoT firmware remains difficult due to proprietary binaries, stripped symbols, heterogeneous architectures, and limited access to executable code. Existing analysis methods, such as static analysis, symbolic execution, and fuzzing, depend on binary visibility and...

6.9AI score
Exploits0
Fedora
Fedora
added 2025/12/04 12:53 a.m.8 views

[SECURITY] Fedora 43 Update: kf6-knotifications-6.20.0-2.fc43

KDE Frameworks 6 Tier 3 solution with abstraction for system notifications...

7AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2025/11/13 12:0 a.m.9 views

A Bootiful Podcast: The legendary Bruce Eckel on language design, effects, abstraction, concurrency, and so much more

Hi, Spring fans! In this installment, I sit down with the legendary Bruce Eckel, who has probably forgotten more about programming languages than I will ever know, and whose book Thinking in Java helped launch me into a career...

6.9AI score
Exploits0
Fedora
Fedora
added 2025/11/03 1:2 a.m.11 views

[SECURITY] Fedora 41 Update: rust-astral-tokio-tar-0.5.6-1.fc41

A Rust implementation of an async TAR file reader and writer. This library does not currently handle compression, but it is abstract over all I/O readers and writers. Additionally, great lengths are taken to ensure that the entire contents are never required to be entirely resident in memory all ...

8.1CVSS7AI score0.00677EPSS
Exploits1
EUVD
EUVD
added 2025/10/22 3:31 p.m.3 views

EUVD-2022-55650

In the Linux kernel, the following vulnerability has been resolved: class: fix possible memory leak in classregister If classaddgroups returns error, the 'cp-subsys' need be unregister, and the 'cp' need be freed. We can not call ksetunregister here, because the 'cls' will be freed in callback...

5AI score0.00226EPSS
Exploits0References9
Veracode
Veracode
added 2025/10/16 7:11 a.m.11 views

Information Disclosure

typo3/cms-core is vulnerable to Information Disclosure. The vulnerability is due to improper handling of error messages in the File Abstraction Layer, which exposes full file paths during failed file-system operations, allowing an attacker to disclose sensitive system information...

5.3CVSS6.7AI score0.00214EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder