413 matches found
EUVD-2023-44131
Malicious code in bioql PyPI...
EUVD-2023-33038
Malicious code in bioql PyPI...
EUVD-2025-5954
Malicious code in bioql PyPI...
EUVD-2025-29377
Malicious code in bioql PyPI...
EUVD-2025-26195
Malicious code in bioql PyPI...
EUVD-2025-27020
Malicious code in bioql PyPI...
EUVD-2025-21707
Malicious code in bioql PyPI...
EUVD-2025-29368
Malicious code in bioql PyPI...
WireTap: Breaking Server SGX via DRAM Bus Interposition
Whitepaper that delves into Intel’s Software Guard eXtension (SGX). A common misconception is that physical attacks on SGX require expensive laboratory equipment, thus putting them out of reach of hobbyist-level attackers. In this work, the authors challenge this belief, showing how simple memory b...
PT-2025-45575
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel's crypto/rng module. The issue involves ensuring that the set_ent function is always set, as it is only provided by the drbg. This ensures proper...
PT-2025-39487
Name of the Vulnerable Software and Affected Versions: Banhammer – Monitor Site Traffic, Block Bad Users and Bots plugin for WordPress, versions through 3.4.8. Description: The Banhammer plugin for WordPress is susceptible to a blocking bypass. This occurs because a site-wide “secret key” is...
[SECURITY] [DSA 5979-2] libxslt regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-5979-1 [email protected] https://www.debian.org/security/ Guilhem Moulin September 25, 2025 https://www.debian.org/security/faq -...
CVE-2025-59015
TYPO3 CMS password generation vulnerability (CVE-2025-59015) affects TYPO3 CMS 12.0.0–12.4.36 and 13.0.0–13.4.17. A deterministic three-character prefix in the Password Generation component reduces entropy, enabling faster brute-force attacks. Impact is insufficient entropy in password generation...
CVE-2025-59015 Insufficient Entropy in Password Generation
A deterministic three‑character prefix in the Password Generation component of TYPO3 CMS versions 12.0.0–12.4.36 and 13.0.0–13.4.17 reduces entropy, allowing attackers to carry out brute‑force attacks more quickly...
Guided Reasoning in LLM-Driven Penetration Testing Using Structured Attack Trees
Recent advances in Large Language Models (LLMs) have driven interest in automating cybersecurity penetration testing workflows, offering the promise of faster and more consistent vulnerability assessment for enterprise systems. Existing LLM agents for penetration testing primarily rely on self-guid...
TYPO3 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-019)
The version of TYPO3 installed on the remote host is 12.0.0 prior to 12.4.37 / 13.0.0 prior to 13.4.18. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-019 advisory. - By default, the Password Generation component creates a password that always begins with a...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30200
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...