
358 matches found

Packet Storm News
added 2025/05/27 12:0 a.m. · 5 views

PrivATE: Differentially Private Confidence Intervals for Average Treatment Effects

The average treatment effect (ATE) is widely used to evaluate the effectiveness of drugs and other medical interventions. In safety-critical applications like medicine, reliable inferences about the ATE typically require valid uncertainty quantification, such as through confidence intervals (CIs)...

AI score 6.7
Exploits: 0

RedhatCVE
added 2025/05/23 6:15 a.m. · 9 views

CVE-2024-48140

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

CVSS 7.5 · AI score 7.1 · EPSS 0.00413
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 6:15 a.m. · 7 views

CVE-2024-48142

A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI Assistant v2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...

CVSS 7.5 · AI score 7.1 · EPSS 0.00417
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 11:36 p.m. · 4 views

CVE-2022-20548

In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

CVSS 7.8 · AI score 6.8 · EPSS 0.00125
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/22 9:1 p.m. · 18 views

CVE-2021-24683

The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and does not validate or escape them, which could lead to a Stored Cross-Site Scripting issue...

CVSS 5.4 · AI score 5.6 · EPSS 0.00399
Exploits: 2 · References: 1

RedhatCVE
added 2025/05/22 8:47 a.m. · 8 views

CVE-2019-6677

On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, under certain conditions when using custom TCP congestion control settings in a TCP profile, TMM stops processing traffic when processed by an iRule...

CVSS 7.5 · AI score 6.9 · EPSS 0.01044
Exploits: 0 · References: 1

OSV
added 2025/05/22 5:59 a.m. · 2 views

BELL-CVE-2025-37966

Bulletin has no description...

CVSS 5.5 · AI score 6 · EPSS 0.0013
Exploits: 0 · References: 1

Packet Storm News
added 2025/05/20 12:0 a.m. · 5 views

AudioJailbreak: Jailbreak Attacks against End-To-End Large Audio-Language Models

Jailbreak attacks to Large audio-language models (LALMs) are studied recently, but they achieve suboptimal effectiveness, applicability, and practicability, particularly, assuming that the adversary can fully manipulate user prompts. In this work, we first conduct an extensive experiment showing th...

AI score 6.9
Exploits: 0

OSSF Malicious Packages
added 2025/05/11 8:53 a.m. · 4 views

Malicious code in com.unity.visualeffectgraph (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 612fb4f703fb888029e1ae8bf1069fc5719a9288ee946e4210c5127c665c38d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1

Packet Storm News
added 2025/05/06 12:0 a.m. · 6 views

Bridging Expertise Gaps: the Role of LLMs in Human-AI Collaboration for Cybersecurity

This study investigates whether large language models (LLMs) can function as intelligent collaborators to bridge expertise gaps in cybersecurity decision-making. We examine two representative tasks (phishing email detection and intrusion detection) that differ in data modality, cognitive complexity,...

AI score 6.9
Exploits: 0

OSV
added 2025/05/03 5:58 a.m. · 3 views

BELL-CVE-2025-37779

Bulletin has no description...

CVSS 5.5 · AI score 6 · EPSS 0.0013
Exploits: 0 · References: 1

OSV
added 2025/05/02 4:15 p.m. · 5 views

CVE-2023-53076

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.5
Exploits: 0 · References: 1

CVE
added 2025/04/03 4:0 p.m. · 78 views

CVE-2025-3165

CVE-2025-3165 affects thu-pacman chitu 0.1.0. The vulnerability is in the function torch.load within chitu/chitu/backend.py, where manipulation of the arguments ckpt_path/quant_ckpt_dir leads to deserialization. An attack requires local access. The issue is documented across multiple feeds (NVD, ...

CVSS 5.3 · AI score 7.2 · EPSS 0.00179
Exploits: 0 · References: 4

CVE
added 2025/04/03 7:19 a.m. · 91 views

CVE-2025-22000

CVE-2025-22000 affects the Linux kernel. The flaw is in mm/huge_memory where, after splitting a folio for EOF, folio refs may not be fully dropped unless folio_put_refs(folio, folio_nr_pages(folio)) is used. This can cause a memory leak when the blocksize > page_size and truncation creates fol...

CVSS 5.5 · AI score 7.1 · EPSS 0.00162
Exploits: 0 · References: 3 · Affected Software: 1

Positive Technologies
added 2025/04/01 12:0 a.m. · 5 views

PT-2025-14236 · Unknown · Feedbucket

Name of the Vulnerable Software and Affected Versions: Feedbucket – Website Feedback Tool versions 1.0.0 through 1.0.6. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This can be achieved by...

CVSS 5.4 · AI score 6.3 · EPSS 0.00154
Exploits: 0 · References: 3

OSV
added 2025/03/26 5:19 p.m. · 8 views

GHSA-J8XJ-7JFF-46MX Directus's S3 assets become unavailable after a burst of malformed transformations

Summary: When making many malformed transformation requests at once, at some point, all assets are being served as 403. Details: When I was investigating this issue, I have found that after a burst of malformed asset transformation requests, the amount of sockets held on Agent on NodeHttpHandler wa...

CVSS 5.3 · AI score 6.8 · EPSS 0.00406
Exploits: 1 · References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-39920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system...

CVSS 4.3 · AI score 5.3 · EPSS 0.00572
Exploits: 0 · References: 2

Patchstack
added 2025/02/21 9:57 p.m. · 4 views

WordPress Rife Elementor Extensions & Templates plugin <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Shortcode vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Shortcode vulnerability discovered by zer0gh0st in WordPress Plugin Rife Elementor Extensions & Templates versions <= 1.2.5...

CVSS 6.4 · AI score 5.8 · EPSS 0.00278
Exploits: 0 · References: 1 · Affected Software: 1

OSV
added 2025/02/11 5:57 a.m. · 4 views

BELL-CVE-2025-21686 CVE-2025-21686 does not affect BellSoft software

Bulletin has no description...

AI score 5.8
Exploits: 0 · References: 1

OSSF Malicious Packages
added 2025/02/03 5:25 p.m. · 5 views

Malicious code in effect-layout-function (npm)

The package communicates with a domain associated with malicious activity...

AI score 7
Exploits: 0