SimFuzz: Similarity-Guided Block-Level Mutation for RISC-V Processor Fuzzing

The Instruction Set Architecture ISA defines processor operations and serves as the interface between hardware and software. As an open ISA, RISC-V lowers the barriers to processor design and encourages widespread adoption, but also exposes processors to security risks such as functional bugs...

EUVD-2020-21924

Malware in sbrugna...

EUVD-2023-44423

Malicious code in bioql PyPI...

EUVD-2025-27807

Malicious code in bioql PyPI...

EUVD-2024-51608

Malicious code in bioql PyPI...

EUVD-2022-37593

Malicious code in bioql PyPI...

EUVD-2025-25183

Malicious code in bioql PyPI...

EUVD-2025-24063

Malicious code in bioql PyPI...

AI Training Data: Winning in the AI Boom

...

Improper Restriction of Rendered UI Layers or Frames

Overview Affected versions of this package are vulnerable to Improper Restriction of Rendered UI Layers or Frames via the iframe element. An attacker can execute unauthorized scripts in the context of a user's browser by embedding the application within a malicious frame. Note: This is only...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

Malicious code in a-vailable-al-bum-file-sonic-boom-5n6il-dbjjlw (npm)

The package a-vailable-al-bum-file-sonic-boom-5n6il-dbjjlw was found to contain malicious code...

CVE-2025-8774

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

CVE-2025-8774 riscv-boom SonicBOOM L1 Data Cache timing discrepancy

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

CVE-2025-8774 riscv-boom SonicBOOM L1 Data Cache timing discrepancy

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

riscv-boom SonicBOOM 安全漏洞

riscv-boom SonicBOOM is a SonicBOOM: The Berkeley Out-of-Order RISC-V Processor open source SonicBOOM: The Berkeley Chaos Machine. A security vulnerability exists in riscv-boom SonicBOOM 2.2.3 and earlier versions, which stems from an observable timing difference issue in the component L1 Data...

CVE-2025-31632

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7...

CVE-2025-31632

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7...

CVE-2025-31632 WordPress La Boom <= 2.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SpyroPress La Boom allows PHP Local File Inclusion. This issue affects La Boom: from n/a through 2.7...