codepoc
Java Goof This is a collection of Java demo apps that are vu...
[SECURITY] Fedora 43 Update: vhs-0.10.0-4.fc43
Write terminal GIFs as code for integration testing and demoing your CLI tool s...
[SECURITY] Fedora 42 Update: vhs-0.9.0-2.fc42
Write terminal GIFs as code for integration testing and demoing your CLI tool s...
Debian: Security Advisory (DSA-6168-1)
The remote host is missing an update for the Debian...
Your complete guide to Microsoft experiences at RSAC™ 2026 Conference
The era of AI is reshaping both opportunity and risk faster than any shift security leaders have seen. Every organization is feeling the momentum; and for security teams, the question is no longer if AI will transform their work, but how to stay ahead of what comes next. At Microsoft, we see this...
GHSA-W54X-R83C-X79Q Pepr Has Overly Permissive RBAC ClusterRole in Admin Mode
Severity: LOW Target: /workspace/pepr/src/lib/assets/rbac.ts Endpoint: Kubernetes RBAC configuration Method: Deployment Response / Rationale Pepr defaults to rbacMode: "admin" because the initial experience is designed to be frictionless for new users. This mode ensures that users can deploy and...
EUVD-2022-5211
Malicious code in bioql PyPI...
io.airlift:discovery (=324), io.airlift:http-client (=324) +13 more potentially affected by CVE-2025-5115 via org.eclipse.jetty.http2:jetty-http2-common (>=12.1.0.alpha0 <=12.1.0.beta2)
org.eclipse.jetty.http2:jetty-http2-common MAVEN version =12.1.0.alpha0, =12.1.0.alpha2, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.alpha0, =12.1.0.beta2 Source cves: CVE-2025-5115 Source advisory: SNYK:JAVA-ORGECLIPSEJETTYHTTP2-12047664...
Malicious code in @malware-test-laugh-demos-cooee-gamme/test-mlw3-laugh-demos-cooee-gamme (npm)
The package @malware-test-laugh-demos-cooee-gamme/test-mlw3-laugh-demos-cooee-gamme was found to contain malicious code...
MAL-2025-8755 Malicious code in @malware-test-laugh-demos-cooee-gamme/test-mlw3-laugh-demos-cooee-gamme (npm)
The package @malware-test-laugh-demos-cooee-gamme/test-mlw3-laugh-demos-cooee-gamme was found to contain malicious code...
Malicious code in @zalastax/nolb-demos (npm)
The package @zalastax/nolb-demos was found to contain malicious code...
MAL-2025-11139 Malicious code in @zalastax/nolb-demos (npm)
The package @zalastax/nolb-demos was found to contain malicious code...
Malicious code in public-tools-and-demos (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd27fc8de7de95d23d7ed38ad3f45570fbd5a74a2f07b0e570f5240adafda3ce Any computer that has this package installed or running should be considered...
Connect with us at the Gartner Security & Risk Management Summit
Security professionals visiting booths scattered around a hall, eager for solutions to today’s top cybersecurity challenges to protect their resources and people. The hum of hundreds of conversations. Presenters in packed sessions sharing expertise, trends, and stories to energize attendees. Few...
Hijacking Large Language Models Via Adversarial In-Context Learning
In-context learning (ICL) has emerged as a powerful paradigm leveraging LLMs for specific downstream tasks by utilizing labeled examples as demonstrations (demos) in the preconditioned prompts. Despite its promising performance, crafted adversarial attacks pose a notable threat to the robustness of...
Preventing Adversarial AI Attacks against Autonomous Situational Awareness: a Maritime Case Study
Adversarial artificial intelligence (AI) attacks pose a significant threat to autonomous transportation, such as maritime vessels, that rely on AI components. Malicious actors can exploit these systems to deceive and manipulate AI-driven operations. This paper addresses three critical research...
CVE-2023-3040
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
GeoServer < 2.23.4 Multiples Vulnerabilities
According to its banner, the version of GeoServer running on the remote host is prior to 2.23.5 or 2.24.0 prior to 2.24.2. It is, therefore, affected by Multiples Vulnerabilities: - An Arbitrary file upload vulnerability in REST Coverage Store API - A Stored Cross-Site Scripting (XSS) vulnerabilit...
com.google.appengine:jetty12-assembly (>=2.0.20 <=3.0.1), org.eclipse.jetty.ee9.demos:jetty-ee9-demo-embedded (>=12.0.0 <=12.0.29) +5 more potentially affected by CVE-2024-9823 via org.eclipse.jetty.ee9:jetty-ee9-servlets (>=12.0.0 <=12.0.29)
org.eclipse.jetty.ee9:jetty-ee9-servlets MAVEN version =12.0.0, =2.0.20, =12.0.0, =12.0.0, =12.0.0, =12.0.0, =12.0.12, =12.0.29 Source cves: CVE-2024-9823 Source advisory: OSV:GHSA-J26W-F9RQ-MR2Q...
CVE-2024-47871
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP (Fast Reverse Proxy) client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...