29 matches found
SUSE CVE-2026-31734
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
CVE-2026-31734
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
CVE-2026-31734
CVE-2026-31734 (Linux kernel sched_ext) has been fixed. The issue was a false negative where is_bpf_migration_disabled() could be incorrect on systems without CONFIG_PREEMPT_RCU, causing migration_disabled == 1 to be treated as truly migration-disabled even for the current task. The BPF prolog no...
CVE-2026-31734 sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix isbpfmigrationdisabled false negative on non-PREEMPTRCU Since commit 8e4f0b1ebcf2 "bpf: use rcureadlockdontmigrate for trampoline.c", the BPF prolog bpfprogenter calls migratedisable only when CONFIGPREEMPTRCU is...
Measuring the Permission Gate: A Stress-Test Evaluation of Claude Code's Auto Mode
Claude Code's auto mode is the first deployed permission system for AI coding agents, using a two-stage transcript classifier to gate dangerous tool calls. Anthropic reports a 0.4% false positive rate and 17% false negative rate on production traffic. We present the first independent evaluation o...
ALFA: A Safe-By-Design Approach to Mitigate Quishing Attacks Launched Via Fancy QR Codes
Phishing with Quick Response QR codes is termed as Quishing. The attackers exploit this method to manipulate individuals into revealing their confidential data. Recently, we see the colorful and fancy representations of QR codes, the 2D matrix of QR codes which does not reflect a typical mixture ...
EUVD-2020-0427
Malware in sbrugna...
CVE-2021-47640
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...
CVE-2021-47640
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...
CVE-2021-47640 powerpc/kasan: Fix early region not updated correctly
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTERPNSHIFT is 24 and PAGESHIFT is 12. It not only causes false positives but also false negative as shown the following text. Fix ...
Exploit for Deserialization of Untrusted Data in Alibaba Fastjson
json.org CVE-2022-45688 true & false positive WTF ?? The p...
PT-2023-33058 · Esapi · Esapi
Name of the Vulnerable Software and Affected Versions: ESAPI versions 1.3 through 2.5.x Description: The Validator.isValidSafeHTML method can result in false negatives, reporting some input as safe when it is not, potentially leading to XSS vulnerabilities. This issue affects all versions of ESAP...
4 things you should know about testing AV software with VirusTotal’s free online multiscanner
As COVID-19 soldiers on, small and medium-size businesses now feel as ripe for malware attacks as deep-pocketed multinationals. SMBs see that, along with remote work, our pandemic has also brought troubling new holes to their security. This means cybercriminals—equal opportunity charlatans that...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impack...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impack...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impack...
GoGhost - High Performance, Lightweight, Portable Open Source Tool For Mass SMBGhost Scan
GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan. Installation You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it: go build GoGhost.go Usage Options GoGhost...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11072
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
CVE-2020-11072
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...