Lucene search
K

8 matches found

Packet Storm News
Packet Storm News
added 2026/05/11 12:0 a.m.10 views

Janus: Compiler-Based Defense against Transient Execution Attacks Using ARM Hardware Primitives

We present Janus, a compiler-based security framework that mitigates transient execution attacks like Spectre and control-flow hijacking on ARM64 platforms. Janus integrates speculative execution and control flow dependencies with PA modifiers, using PA and BTI microarchitectural features to...

6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29287

Malware in sbrugna...

8.8CVSS8.4AI score0.00845EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-21337

Malicious code in bioql PyPI...

7.8CVSS6.6AI score0.0015EPSS
Exploits0References1
CVE
CVE
added 2024/05/24 6:4 a.m.129 views

CVE-2024-36361

CVE-2024-36361 affects the Pug library up to version 3.0.2 . It allows JavaScript code execution when an application passes untrusted input to the name option of the functions that compile templates to JavaScript (compileClient, compileFileClient, compileClientWithDependenciesTracked). The descri...

6.8CVSS7.2AI score0.00491EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/08 8:19 p.m.25 views

CVE-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.9AI score0.01837EPSS
Exploits0References7
OSV
OSV
added 2021/11/09 9:16 a.m.32 views

ALSA-2021:4386 Low: gcc security and bug fix update

The gcc packages provide compilers for C, C++, Java, Fortran, Objective C, and Ada 95 GNU, as well as related support libraries. Security Fixes: libiberty: Integer overflow in demangletemplate function CVE-2018-20673 For more details about the security issues, including the impact, a CVSS score,...

5.5CVSS6.6AI score0.01637EPSS
Exploits1References1
Schneier on Security
Schneier on Security
added 2021/11/01 3:58 p.m.62 views

Hiding Vulnerabilities in Source Code

Really interesting research demonstrating how to hide vulnerabilities in source code by manipulating how Unicode text is displayed. Its really clever, and not the sort of attack one would normally think about. From Ross Andersons blog: We have discovered ways of manipulating the encoding of sourc...

7.5CVSS1.1AI score0.12205EPSS
Exploits5
OpenVAS
OpenVAS
added 2019/05/07 12:0 a.m.78 views

Fedora Update for mingw-qt5-qt3d FEDORA-2019-3c45bd2cc3

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.7AI score0.03382EPSS
Exploits0References2
Rows per page
Query Builder