614 matches found
Malicious Package
Overview: focal-examples is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Rectifying Adversarial Examples Using Their Vulnerabilities
Deep neural network-based classifiers are prone to errors when processing adversarial examples (AEs). AEs are minimally perturbed input data, undetectable to humans, posing significant risks to security-dependent applications. Hence, extensive research has been undertaken to develop defense mechanism...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell Exploit - CVE-2025-55182 Author: andrei2308...
Certified but Fooled! Breaking Certified Defences with Ghost Certificates
Certified defenses promise provable robustness guarantees. We study the malicious exploitation of probabilistic certification frameworks to better understand the limits of guarantee provisions. Now, the objective is to not only mislead a classifier, but also manipulate the certification process t...
On Selecting Few-Shot Examples for LLM-Based Code Vulnerability Detection
Large language models (LLMs) have demonstrated impressive capabilities for many coding tasks, including summarization, translation, completion, and code generation. However, detecting code vulnerabilities remains a challenging task for LLMs. An effective way to improve LLM performance is in-context...
CVE-2025-54941 Apache Airflow: Command injection in "example_dag_decorator"
An example DAG, `example_dag_decorator`, had a non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on the worker. This, however, required that the example DAGs are enabled in production (not default) or the example DAG code copied to build your own...
Discover Practical AI Tactics for GRC — Join the Free Expert Webinar
Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It's no longer a future concept—it's here, and it's already reshaping how teams operate. AI's capabilities are profound: it's speeding up audits, flagging critical risks faster, and drastically cutting down o...
CVE-2025-62613
VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting (XSS) vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...
EUVD-2025-35631
VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting (XSS) vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...
MAL-2025-48024 Malicious code in cassandra-driver-examples (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 182b17f76b86dc9388eba3e01e07b1339a102abf6e265996a48913ca7379a6b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview: cassandra-driver-examples is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2025-32982
Malicious code in cassandra-driver-examples (npm)...
EUVD-2016-7485
Malware in sbrugna...
EUVD-2021-2152
Malware in sbrugna...
RockyLinux 10 : tomcat (RLSA-2025:7497)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7497 advisory. tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API (CVE-2024-52316); tomcat: Apache Tomcat: DoS in examples web application...
EUVD-2022-7422
Malicious code in bioql (PyPI)...
EUVD-2024-26920
Malicious code in bioql (PyPI)...
CVE-2025-11031
A flaw has been found in DataTables up to 1.10.13. The affected element is an unknown function of the file /examples/resources/examples.php. This manipulation of the argument src causes path traversal. It is possible to initiate the attack remotely. The exploit has been published and may be used...
CVE-2025-11031
CVE-2025-11031 affects DataTables up to version 1.10.13. The issue stems from path traversal caused by manipulation of the src argument in an unknown function within /examples/resources/examples.php, which could be triggered remotely. An exploit has been published; upgrading to DataTables 1.10.15...