564 matches found
EUVD-2024-52321
Malicious code in bioql PyPI...
EUVD-2023-33845
Malicious code in bioql PyPI...
EUVD-2025-22800
Malicious code in bioql PyPI...
EUVD-2024-52908
Malicious code in bioql PyPI...
EUVD-2025-32286
Malicious code in bioql PyPI...
CVE-2025-10311
The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...
CVE-2025-10311 Comment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings Update
The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...
CVE-2025-10311
CVE-2025-10311 affects the WordPress plugin Comment Info Detector (versions
CVE-2025-10311 Comment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings Update
The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...
PT-2025-40473
The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...
WordPress plugin Comment Info Detector 跨站请求伪造漏洞
WordPress Comment Info Detector plugin is a WordPress plugin for displaying commenter browser and operating system information, developed by Kyle Baker. The WordPress Comment Info Detector plugin suffers from a cross-site request forgery vulnerability that stems from the options.php file not...
Federated Spatiotemporal Graph Learning for Passive Attack Detection in Smart Grids
Smart grids are exposed to passive eavesdropping, where attackers listen silently to communication links. Although no data is actively altered, such reconnaissance can reveal grid topology, consumption patterns, and operational behavior, creating a gateway to more severe targeted attacks. Detecti...
RLCracker: Exposing the Vulnerability of LLM Watermarks with Adaptive RL Attacks
Large Language Models LLMs watermarking has shown promise in detecting AI-generated content and mitigating misuse, with prior work claiming robustness against paraphrasing and text editing. In this paper, we argue that existing evaluations are not sufficiently adversarial, obscuring critical...
ExpIDS: a Drift-Adaptable Network Intrusion Detection System with Improved Explainability
Despite all the advantages associated with Network Intrusion Detection Systems NIDSs that utilize machine learning ML models, there is a significant reluctance among cyber security experts to implement these models in real-world production settings. This is primarily because of their opaque natur...
Malicious Package
Overview eslint-config-detector is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in eslint-config-detector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c532e5d9ed3c3afdaf7a4a59234c132c6176b491fc96676828c4f0dd5eb415c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47482 Malicious code in eslint-config-detector (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c532e5d9ed3c3afdaf7a4a59234c132c6176b491fc96676828c4f0dd5eb415c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
DEBIAN-CVE-2025-39737
In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...
Linux Distros Unpatched Vulnerability : CVE-2022-20446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission...
Malicious code in eslint-detector (npm)
The package eslint-detector was found to contain malicious code...