Lucene search
K

245 matches found

RedHat Linux
RedHat Linux
added 2025/09/10 4:20 p.m.10 views

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

4.7CVSS6.7AI score0.00111EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/07 2:32 p.m.5 views

CVE-2025-58871

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...

6.5CVSS5.9AI score0.00154EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.3 views

CVE-2025-58871 WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...

6.5CVSS5.9AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.13 views

CVE-2025-58871 WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...

6.5CVSS0.00154EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/05 1:43 p.m.5 views

WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin Master Paper Collapse Toggle versions = 1.1...

6.5CVSS6AI score0.00154EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.3 views

WordPress plugin Master Paper Collapse Toggle 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS5.8AI score0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.4 views

PT-2025-36210

Name of the Vulnerable Software and Affected Versions: Luis Rock Master Paper Collapse Toggle versions through 1.1 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update to ...

6.5CVSS5.5AI score0.00154EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:9 a.m.9 views

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute

...

6.1CVSS7AI score0.04135EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/08/13 12:0 a.m.4 views

Extending the OWASP Multi-Agentic System Threat Modeling Guide: Insights from Multi-Agent Security Research

We propose an extension to the OWASP Multi-Agentic System MAS Threat Modeling Guide, translating recent anticipatory research in multi-agent security MASEC into practical guidance for addressing challenges unique to large language model LLM-driven multi-agent architectures. Although OWASP's...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/08/11 9:52 a.m.4 views

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

4.7CVSS6.7AI score0.00111EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49778

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for non-leaf pmd/pud The page table check trigger BUGON...

5.5CVSS6AI score0.0014EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/07/23 12:0 a.m.4 views

On One-Shot Signatures, Quantum Vs Classical Binding, and Obfuscating Permutations

One-shot signatures OSS were defined by Amos, Georgiou, Kiayias, and Zhandry STOC'20. These allow for signing exactly one message, after which the signing key self-destructs, preventing a second message from ever being signed. While such an object is impossible classically, Amos et al observe tha...

6.8AI score
Exploits0
OSV
OSV
added 2025/07/09 3:23 p.m.12 views

CLSA-2025-1751916475 kernel: Fix of 10 CVEs

udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 - bpf: Prevent tail call between progs attached to different hooks CVE-2024-50063 - nfsd: fix possible badness in FREESTATEID CVE-2024-50043 - nfsd: prevent panic for nfsv4.0 closed files in nfs4showopen CVE-2024-46682...

7.8CVSS7AI score0.00251EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/28 7:44 a.m.6 views

CVE-2025-38085 mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

6AI score0.00111EPSS
Exploits0References8
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.3 views

Doppelgänger Method: Breaking Role Consistency in LLM Agent via Prompt-based Transferable Adversarial Attack

Since the advent of large language models, prompt engineering now enables the rapid, low-effort creation of diverse autonomous agents that are already in widespread use. Yet this convenience raises urgent concerns about the safety, robustness, and behavioral consistency of the underlying prompts,...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/03 12:0 a.m.6 views

The vulnerability of the mm/MADV_COLLAPSE components of the Linux operating system, which allows a hacker to cause a service failure.

The vulnerability of the mm/MADVCOLLAPSE component in the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.5CVSS6AI score0.00106EPSS
Exploits0References6Affected Software5
RedhatCVE
RedhatCVE
added 2025/05/23 4:43 a.m.6 views

CVE-2023-40669

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in twinpictures, baden03 Collapse-O-Matic plugin = 1.8.5.5 versions...

6.5CVSS5.6AI score0.00328EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:30 a.m.8 views

CVE-2023-7030

The Collapse-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'expand' shortcode in all versions up to, and including, 1.8.5.5 due to insufficient input sanitization and output escaping on the 'tag' user supplied attribute. This makes it possible for...

6.4CVSS6.1AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.7 views

CVE-2022-4475

The Collapse-O-Matic WordPress plugin before 1.8.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.9AI score0.00534EPSS
Exploits2References1
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.21 views

CTRAP: Embedding Collapse Trap to Safeguard Large Language Models from Harmful Fine-Tuning

Fine-tuning-as-a-service, while commercially successful for Large Language Model LLM providers, exposes models to harmful fine-tuning attacks. As a widely explored defense paradigm against such attacks, unlearning attempts to remove malicious knowledge from LLMs, thereby essentially preventing th...

7.4AI score
Exploits0
Rows per page
Query Builder