CVE-2026-33721

MapServer (CVE-2026-33721) has a heap-buffer-overflow in the SLD parser triggered by a crafted SLD containing more than 100 Threshold elements in a ColorMap/Categorize structure, exploitable by an unauthenticated remote attacker via WMS GetMap with SLD_BODY. Affects versions up to 4.2 prior to 8....

SOGo 跨站脚本漏洞

SOGo is a highly fast and scalable modern collaboration suite open source by Alinto. It offers calendar management, address book management, a fully functional webmail client, as well as features for resource sharing and permission handling. Versions of SOGo prior to 5.12.5 contained a cross-site...

PT-2026-24376

Name of the Vulnerable Software and Affected Versions Microsoft Authenticator affected versions not specified Description A condition exists where an unauthorized attacker can disclose information locally. The issue relates to Cwe not being in rca categories. Recommendations At the moment, there ...

Exploit for CVE-2017-0144

ExploitdbPro - Enhanced Edition Enhanced CLI tool for Exploit...

EUVD-2000-0123

Malware in sbrugna...

EUVD-2008-7263

Malware in sbrugna...

EUVD-2017-15234

Malware in sbrugna...

EUVD-2025-3732

Malicious code in bioql PyPI...

EUVD-2024-25703

Malicious code in bioql PyPI...

EUVD-2025-13937

Malicious code in bioql PyPI...

EUVD-2024-1886

Malicious code in bioql PyPI...

WordPress AutoCatSet Cross-Site Request Forgery Vulnerability

AutoCatSet is an automatic post categorization plugin for the WordPress platform. A cross-site request forgery vulnerability exists in AutoCatSet 2.1.4 and earlier versions, which stems from the autocatsetajax function not properly implementing a random number validation mechanism. An attacker ca...

WordPress Radio Station plugin <= 2.5.12 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Radio Station versions = 2.5.12...

Rethinking Machine Unlearning in Image Generation Models

With the surge and widespread application of image generation models, data privacy and content safety have become major concerns and attracted great attention from users, service providers, and policymakers. Machine unlearning MU is recognized as a cost-effective and promising means to address...

Con Instruction: Universal Jailbreaking of Multimodal Large Language Models Via Non-Textual Modalities

Existing attacks against multimodal language models MLLMs primarily communicate instructions through text accompanied by adversarial images. In contrast, we exploit the capabilities of MLLMs to interpret non-textual instructions, specifically, adversarial images or audio generated by our novel...

Side Channel Analysis in Homomorphic Encryption

Homomorphic encryption provides many opportunities for privacy-aware processing, including with methods related to machine learning. Many of our existing cryptographic methods have been shown in the past to be susceptible to side channel attacks. With these, the implementation of the cryptographi...

CVE-2025-35995

When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of...

UK Finfluencers: Exploring Content, Reach, and Responsibility

The rise of social media financial influencers finfluencers has significantly transformed the personal finance landscape, making financial advice and insights more accessible to a broader and younger audience. By leveraging digital platforms, these influencers have contributed to the...

CVE-2025-35995

When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of...

CVE-2025-35995

When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of...