Linux Distros Unpatched Vulnerability : CVE-2025-59466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - We have identified a bug in Node.js error handling where Maximum call stack size exceeded errors become uncatchable when asynchooks.createHook is enabled. Inste...

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior due to a flaw in error handling when asynchooks or AsyncLocalStorage is enabled. Normally, a "Maximum call stack size exceeded" error stack overflow is catchable by...

MiracleLinux 9 : delve-1.24.1-2.el9_5, golang-1.23.6-2.el9_5 (AXSA:2025-9852:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9852:01 advisory. encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion CVE-2024-34156...

CVE-2023-40779

An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL...

CVE-2022-23119

A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security...

CVE-2022-42743

deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited...

CVE-2022-31469

OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /!!=%2e./ URI...

CVE-2022-31106

Underscore.deep is a collection of Underscore mixins that operate on nested objects. Versions of underscore.deep prior to version 0.5.3 are vulnerable to a prototype pollution vulnerability. An attacker can craft a malicious payload and pass it to deepFromFlat, which would pollute any future...

UBUNTU-CVE-2023-54322

In the Linux kernel, the following vulnerability has been resolved: arm64: set exceptionirqentry with irqentry as a default filterirqstacks is supposed to cut entries which are related irq entries from its call stack. And inirqentrytext which is called by filterirqstacks uses irqentrytextstart/en...

CVE-2025-67743

Local Deep Research is an AI-powered research assistant for deep, iterative research. In versions from 1.3.0 to before 1.3.9, the download service downloadservice.py makes HTTP requests using raw requests.get without utilizing the application's SSRF protection saferequests.py. This can allow...

EUVD-2025-204778

Local Deep Research is Vulnerable to Server-Side Request Forgery SSRF in Download Service...

Server-side Request Forgery (SSRF)

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the downloadservice.py service. An attacker can access internal services and attempt ...

CVE-2025-67743

CVE-2025-67743 affects Local Deep Research. The vulnerability lies in the download service (download_service.py) where HTTP requests are made with raw requests.get() without SSRF protection, bypassing safeguards in safe_requests.py/ssrf_validator.py. This can allow an attacker to access internal ...

Local Deep Research 安全漏洞

Local Deep Research is an AI search assistant open-sourced by LearningCircuit. A security vulnerability exists in Local Deep Research version 1.3.0 through versions prior to 1.3.9 that stems from the download service not using SSRF protection, which could lead to a server-side request forgery...

DeepGuard: Defending Deep Joint Source-Channel Coding against Eavesdropping at Physical-Layer

Deep joint source-channel coding DeepJSCC has emerged as a promising paradigm for efficient and robust information transmission. However, its intrinsic characteristics also pose new security challenges, notably an increased vulnerability to eavesdropping attacks. Existing studies on defending...

MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification

Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...

EulerOS Virtualization 2.13.0 : polkit (EulerOS-SA-2025-2593)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...

CVE-2025-67744

DeepChat prior to 0.5.3 is affected by a Mermaid diagram rendering vulnerability that allows arbitrary JavaScript execution. The issue arises from the Electron IPC renderer being exposed to the DOM, enabling a Cross-Site Scripting (XSS) flaw that can escalate to Remote Code Execution (RCE) and al...

SeBERTis: A Framework for Producing Classifiers of Security-Related Issue Reports

Monitoring issue tracker submissions is a crucial software maintenance activity. A key goal is the prioritization of high risk, security-related bugs. If such bugs can be recognized early, the risk of propagation to dependent products and endangerment of stakeholder benefits can be mitigated. To...

SHERLOCK: A Deep Learning Approach to Detect Software Vulnerabilities

The increasing reliance on software in various applications has made the problem of software vulnerability detection more critical. Software vulnerabilities can lead to security breaches, data theft, and other negative outcomes. Traditional software vulnerability detection techniques, such as...