Lucene search
K

240 matches found

NVD
NVD
added 2025/11/23 5:15 p.m.6 views

CVE-2025-48507

The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...

8.6CVSS0.0016EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/10/10 12:0 a.m.19 views

Exploiting Web Search Tools of AI Agents for Data Exfiltration

Large language models LLMs are now routinely used to autonomously execute complex tasks, from natural language processing to dynamic workflows like web searches. The usage of tool-calling and Retrieval Augmented Generation RAG allows LLMs to process and retrieve sensitive corporate data, amplifyi...

7.2AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26337

Malware in sbrugna...

5.3CVSS5.5AI score0.00469EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-6481

Malware in sbrugna...

6.6CVSS6.4AI score0.02187EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26016

Malware in sbrugna...

5.5CVSS5.5AI score0.00109EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29099

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00483EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-8114

Malicious code in bioql PyPI...

7.3CVSS9AI score0.00349EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-38255

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00437EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-35542

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00373EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-46316

Malicious code in bioql PyPI...

2.8CVSS6.6AI score0.00143EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28979

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00374EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/07 9:36 p.m.4 views

Malicious code in onnxruntime-winml (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5566aa4ecc644b36e90902092563c05e1852d751381539398f2307ae1fbefae6 Package is just calling home and there is no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages, but also anything th...

7AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/09/05 12:0 a.m.2 views

Mind the Gap: Evaluating Model- and Agentic-Level Vulnerabilities in LLMs with Action Graphs

As large language models transition to agentic systems, current safety evaluation frameworks face critical gaps in assessing deployment-specific risks. We introduce AgentSeer, an observability-based evaluation framework that decomposes agentic executions into granular action and component graphs,...

7.7AI score
Exploits0
OSV
OSV
added 2025/09/04 7:15 p.m.3 views

CVE-2025-48531

In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References2
NVD
NVD
added 2025/09/04 7:15 p.m.14 views

CVE-2025-48531

In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00093EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/09/04 6:34 p.m.3 views

CVE-2025-48531

In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00093EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/09/04 6:33 p.m.31 views

CVE-2025-32323

CVE-2025-32323: In Shared.java getCallingAppName, input validation allows deceptive permission-popup text to trick users into granting file access. This enables local elevation of privilege, with no additional execution privileges and no user interaction required. Affected: Android framework code...

7.8CVSS6.3AI score0.00088EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.5 views

PT-2025-35657

Name of the Vulnerable Software and Affected Versions Dive versions 0.9.0 through 0.9.3 Description Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Versions 0.9.0 through 0.9.3 contain a Remote Code Execution RCE vulnerability triggered by ...

8.8CVSS7.5AI score0.07702EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-37325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a...

7.5CVSS7.2AI score0.01099EPSS
Exploits0References2
CNVD
CNVD
added 2025/07/11 12:0 a.m.4 views

Unspecified vulnerability in Huawei HarmonyOS and EMUI (CNVD-2025-16592)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

6.2CVSS6.9AI score0.00093EPSS
Exploits0References1
Rows per page
Query Builder