CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The curl source repository contains official documentation and example code that demonstrate WebSocket connections using the insecure ws:// protocol instead of the secure wss://. This misleading guidance may encourage developers to implement cleartext WebSocket endpoints, exposing users and...

6.9AI score

Exploits0

Packet Storm News•added 2025/08/12 12:0 a.m.•2 views

Evasive Ransomware Attacks Using Low-Level Behavioral Adversarial Examples

Protecting state-of-the-art AI-based cybersecurity defense systems from cyber attacks is crucial. Attackers create adversarial examples by adding small changes i.e., perturbations to the attack features to evade or fool the deep learning model. This paper introduces the concept of low-level...

7.1AI score

Exploits0

Malwarebytes•added 2025/07/31 12:54 p.m.•5 views

That seemingly innocent text is probably a scam

A special thanks to all the people at Malwarebytes and ThreatDown for sharing the text messages they received from scammers. Many of us have received texts like these. Often super short, some flirty, some with a business tone, or sometimes just a simple ‘hello.’ You don't know the sender, and the...

6.9AI score

Exploits0

OSSF Malicious Packages•added 2025/07/30 5:32 p.m.•4 views

Malicious code in turborepo-examples (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score

Exploits0

OSV•added 2025/07/30 5:32 p.m.•3 views

MAL-2025-6774 Malicious code in turborepo-examples (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

Snyk•added 2025/07/28 2:27 a.m.•3 views

Malicious Package

Overview paypal-examples-langchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score

Exploits0References2

vulnersOsv•added 2025/07/22 6:30 p.m.•1 views

broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)

dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...

6.6CVSS5.4AI score0.00126EPSS

Exploits1

OSV•added 2025/07/22 3:47 a.m.•2 views

MAL-2025-6115 Malicious code in paypal-examples-langchain (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8aabcced92aa935f39ef4e66942764d799e0d1ca4e87baffe59fd8fad22ac10 Any computer that has this package installed or running should be considered...

7AI score

Exploits0References1

OSSF Malicious Packages•added 2025/07/22 3:47 a.m.•3 views

Malicious code in paypal-examples-langchain (npm)

6.8AI score

Exploits0References1

OSSF Malicious Packages•added 2025/07/22 1:37 a.m.•3 views

Malicious code in nf-graph-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68c85cb3b4e04f7e1368dde1be75808c76da67cc6c23f52ed008ac697722496a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References3

OSV•added 2025/07/22 1:37 a.m.•2 views

MAL-2025-6187 Malicious code in nf-graph-examples (npm)

7AI score

Exploits0References3

OSSF Malicious Packages•added 2025/07/12 12:29 p.m.•3 views

Malicious code in realtime-examples-2w (npm)

The package communicates with a domain associated with malicious activity...

7AI score

Exploits0

Packet Storm News•added 2025/07/10 12:0 a.m.•1 views

Temporal Unlearnable Examples: Preventing Personal Video Data from Unauthorized Exploitation by Object Tracking

With the rise of social media, vast amounts of user-uploaded videos e.g., YouTube are utilized as training data for Visual Object Tracking VOT. However, the VOT community has largely overlooked video data-privacy issues, as many private videos have been collected and used for training commercial...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by