Lucene search
+L

163 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/22 12:0 a.m.3 views

Vulnerability of the WebRTC component: The signaling browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird, which allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the WebRTC component: The signaling browsers Mozilla Firefox, Firefox ESR, and the email client Thunderbird are vulnerable due to dependencies on behaviors that are uncertain for each type of implementation. Exploiting this vulnerability allows a malicious actor to compromise...

10CVSS5.8AI score0.00418EPSS
Exploits0References15Affected Software6
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.23 views

Do Skill Descriptions Tell the Truth? Detecting Undisclosed Security Behaviors in Code-Backed LLM Skills

Programmatic skills in LLM ecosystems consist of a natural-language description and executable implementation files. Users and LLMs rely on the description to understand the skill's scope. However, the implementation may perform security-relevant operations, such as credential access, network...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/15 8:47 a.m.3 views

CVE-2025-52641

HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide insights into the underlying environment, which could potentially aid in further targeted actions or limited information...

2.9CVSS5.8AI score0.00116EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.7 views

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from issues with hash calculations. This vulnerability may cause rules that use address-range syntax to be silently discarded, resulting in unexpected behaviors...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.11 views

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC configuration files that could trigger undefined behaviors...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.9 views

iccDEV 数字错误漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained a numerical error vulnerability. This vulnerability occurred due to specially crafted TIFF inputs, which could lead to zero errors and trigger...

6.2CVSS5.9AI score0.00156EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/24 12:0 a.m.10 views

iccDEV security vulnerability

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.1 contained security vulnerabilities. These vulnerabilities were caused by empty pointer dereferencing and undefined behaviors in CIccXmlArrayType, which...

8.8CVSS5.9AI score0.00395EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2025/11/20 12:0 a.m.6 views

RampoNN: A Reachability-Guided System Falsification for Efficient Cyber-Kinetic Vulnerability Detection

Detecting kinetic vulnerabilities in Cyber-Physical Systems CPS, vulnerabilities in control code that can precipitate hazardous physical consequences, is a critical challenge. This task is complicated by the need to analyze the intricate coupling between complex software behavior and the system's...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-18550

Malicious code in bioql PyPI...

7.8CVSS5AI score0.0014EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-18607

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.00105EPSS
Exploits0References1
Wiz blog
Wiz blog
added 2025/09/22 2:50 p.m.6 views

IMDS Abused: Hunting Rare Behaviors to Uncover Exploits

When common processes start asking the wrong questions...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/09/08 12:0 a.m.3 views

The vulnerability of the console-based graphic editor ImageMagick lies in its dependence on behaviors that are uncertain for each implementation type. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the console-based graphic editor ImageMagick is related to its dependence on behaviors that are uncertain for each implementation type. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

6.1CVSS6.4AI score0.00407EPSS
Exploits1References16Affected Software8
Packet Storm News
Packet Storm News
added 2025/08/24 12:0 a.m.10 views

Rethinking Denial-Of-Service: a Conditional Taxonomy Unifying Availability and Sustainability Threats

This paper proposes a unified, condition-based framework for classifying both legacy and cloud-era denial-of-service DoS attacks. The framework comprises three interrelated models: a formal conditional tree taxonomy, a hierarchical lattice structure based on order theory, and a conceptual Venn...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/04 12:0 a.m.8 views

Thwart Me If You Can: an Empirical Analysis of Android Platform Armoring against Stalkerware

Stalkerware is a serious threat to individuals' privacy that is receiving increased attention from the security and privacy research communities. Existing works have largely focused on studying leading stalkerware apps, dual-purpose apps, monetization of stalkerware, or the experience of survivor...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/07 12:0 a.m.7 views

Hunting in the Dark: Metrics for Early Stage Traffic Discovery

Threat hunting is an operational security process where an expert analyzes traffic, applying knowledge and lightweight tools on unlabeled data in order to identify and classify previously unknown phenomena. In this paper, we examine threat hunting metrics and practice by studying the detection of...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/07 12:0 a.m.4 views

Red Teaming AI Red Teaming

Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/30 12:0 a.m.5 views

Shill Bidding Prevention in Decentralized Auctions Using Smart Contracts

In online auctions, fraudulent behaviors such as shill bidding pose significant risks. This paper presents a conceptual framework that applies dynamic, behavior-based penalties to deter auction fraud using blockchain smart contracts. Unlike traditional post-auction detection methods, this approac...

6.7AI score
Exploits0
HackRead
HackRead
added 2025/05/27 9:24 p.m.16 views

ChatGPT o3 Resists Shutdown Despite Instructions, Study Claims

ChatGPT o3 resists shutdown despite explicit instructions, raising fresh concerns over AI safety, alignment, and reinforcement learning behaviors...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:36 a.m.18 views

CVE-2024-20835

Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.34 views

CVE-2024-7595

GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...

6.5CVSS0.01552EPSS
Exploits0References3
Rows per page
Query Builder