Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Handling jset if a & b ... as a jump in CFG computation. BPFJSET is a conditional jump, and currently, verifier.c:canjump does not take this into account. This can lead to incorrect live registers and SCC Set of...

NFTDELTA: Detecting Permission Control Vulnerabilities in NFT Contracts through Multi-View Learning

Permission control vulnerabilities in Non-fungible token NFT contracts can result in significant financial losses, as attackers may exploit these weaknesses to gain unauthorized access or circumvent critical permission checks. In this paper, we propose NFTDELTA, a framework that leverages static...

The Code Whisperer: LLM and Graph-Based AI for Smell and Vulnerability Resolution

Code smells and software vulnerabilities both increase maintenance cost, yet they are often handled by separate tools that miss structural context and produce noisy warnings. This paper presents The Code Whisperer, a hybrid framework that combines graph-based program analysis with large language...

Aether Smart Contract Security Analysis Framework 6.0

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

Aether Smart Contract Security Analysis Framework 5.0.2

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

SAGA: Detecting Security Vulnerabilities Using Static Aspect Analysis

Python is one of the most popular programming languages; as such, projects written in Python involve an increasing number of diverse security vulnerabilities. However, existing state-of-the-art analysis tools for Python only support a few vulnerability types. Hence, there is a need to detect a...

EUVD-2021-0439

Malware in sbrugna...

EUVD-2025-27932

Malicious code in bioql PyPI...

CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

UBUNTU-CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

CVE-2025-38607

CVE-2025-38607 relates to the Linux kernel BPF_JSET conditional jump; verifier.c:can_jump() could miscompute live registers and SCC during CFG analysis, potentially affecting correctness of analysis. The issue was resolved by handling jset jumps in CFG computation. Affected component: BPF/JSET ha...

CVE-2025-38607

In the Linux kernel, the following vulnerability has been resolved: bpf: handle jset if a & b ... as a jump in CFG computation BPFJSET is a conditional jump and currently verifier.c:canjump does not know about that. This can lead to incorrect live registers and SCC computation. E.g. in the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the bpf module not treating jset as a jump in CFG calculations...

PT-2025-33805 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where the BPF JSET conditional jump is not correctly handled during control flow graph CFG computation. This can lead to incorrect live register and...

VerilogLAVD: LLM-Aided Rule Generation for Vulnerability Detection in Verilog

Timely detection of hardware vulnerabilities during the early design stage is critical for reducing remediation costs. Existing early detection techniques often require specialized security expertise, limiting their usability. Recent efforts have explored the use of large language models LLMs for...

PotentRegion4MalDetect: Advanced Features from Potential Malicious Regions for Malware Detection

Malware developers exploit the fact that most detection models focus on the entire binary to extract the feature rather than on the regions of potential maliciousness. Therefore, they reverse engineer a benign binary and inject malicious code into it. This obfuscation technique circumvents the...

Disa: Accurate Learning-Based Static Disassembly with Attentions

For reverse engineering related security domains, such as vulnerability detection, malware analysis, and binary hardening, disassembly is crucial yet challenging. The fundamental challenge of disassembly is to identify instruction and function boundaries. Classic approaches rely on file-format...

CVE-2025-40741

A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files. This could allow an attacker to execute code in the context of the current process...

CVE-2021-41217

TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...

BIT-TENSORFLOW-2021-41217 Null pointer exception when `Exit` node is not preceded by `Enter` op

TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...