Lucene search
K

3793 matches found

EUVD
EUVD
added 2026/01/06 1:32 p.m.5 views

EUVD-2026-1106

Malicious code in x-clients-features npm...

6.6AI score
Exploits0References1
Snyk
Snyk
added 2026/01/06 1:32 p.m.6 views

Malicious Package

Overview x-clients-features is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2026/01/06 1:32 p.m.6 views

MAL-2026-95 Malicious code in x-clients-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 419d018f4db7282c5ea456563704c47d16246b1836a54f60696da59cb05cad04 The package x-clients-features was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
SUSE Linux
SUSE Linux
added 2026/01/05 12:53 p.m.4 views

Security update for alloy

This update for alloy fixes the following issues: Upgrade to version 1.12.1. Security issues fixed: CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents bsc1251509. CVE-2025-47913: golang.org/x/crypto: early client process termination...

8.7CVSS7.6AI score0.00591EPSS
Exploits2References12
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-6659

Name of the Vulnerable Software and Affected Versions time versions 0.3.6 through 0.3.46 rust-keylime versions prior to 0.2.8+116 python-uv-build versions prior to 0.10.2 SCCache versions prior to 0.13.0 Description The time crate provides date and time handling in Rust. Versions 0.3.6 through...

6.8CVSS5.2AI score0.00291EPSS
Exploits0References140
EUVD
EUVD
added 2025/12/30 12:30 p.m.2 views

EUVD-2025-205728

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.12...

4.3CVSS6.5AI score0.002EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/27 2:46 p.m.12 views

CVE-2025-36228

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

3.8CVSS6.7AI score0.00203EPSS
Exploits0References1
NVD
NVD
added 2025/12/26 3:15 p.m.3 views

CVE-2025-36228

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

3.8CVSS0.00203EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/26 2:11 p.m.4 views

CVE-2025-36228 Incorrect Execution-Assigned Permissions in IBM Aspera Faspex

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

3.8CVSS6.3AI score0.00203EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/26 2:11 p.m.2 views

EUVD-2025-205441

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

3.8CVSS6.2AI score0.00203EPSS
Exploits0References2
CVE
CVE
added 2025/12/26 2:11 p.m.13 views

CVE-2025-36228

CVE-2025-36228 affects IBM Aspera Faspex 5 (versions 5.0.0–5.0.14.1). The issue is inconsistent permissions between the UI and backend API, allowing users to access features that appeared disabled and potentially leading to misuse. Red Hat, CIRCL, NVD, and other feeds corroborate the same descrip...

3.8CVSS6.3AI score0.00203EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/12/26 12:0 a.m.4 views

IBM Aspera Faspex 安全漏洞

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. A security vulnerability exists in IBM Aspera Faspex 5 5.0.14.1 and prior versions, which stems from inconsistent permissions between the user interface and...

3.8CVSS6.4AI score0.00203EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/12/26 12:0 a.m.2 views

American Fuzzy Lop plus plus 4.35c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/26 12:0 a.m.6 views

PT-2025-53586

Name of the Vulnerable Software and Affected Versions IBM Aspera Faspex 5 versions 5.0.0 through 5.0.14.1 Description The software may have inconsistent permissions between the user interface and backend API. This could allow users to access features that appear disabled, potentially leading to...

3.8CVSS6.5AI score0.00203EPSS
Exploits0References6
Fedora
Fedora
added 2025/12/25 1:8 a.m.11 views

[SECURITY] Fedora 42 Update: roundcubemail-1.6.12-1.fc42

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

7.5CVSS7AI score0.19769EPSS
Exploits1
Fedora
Fedora
added 2025/12/25 12:53 a.m.10 views

[SECURITY] Fedora 43 Update: roundcubemail-1.6.12-1.fc43

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

7.5CVSS7AI score0.19769EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/12/24 11:16 a.m.4 views

CVE-2025-68725

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

5.5CVSS5.9AI score0.00161EPSS
Exploits0References28
Veracode
Veracode
added 2025/12/24 10:11 a.m.5 views

Cross-Site Scripting (XSS)

ezsystems/ezplatform-admin-ui is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-controlled input in image asset names, content language names, and future publishing features, which allows an attacker with back-office editor or administrator privilege...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/23 12:0 a.m.2 views

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs FCGs have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/22 12:0 a.m.4 views

IoT-Based Android Malware Detection Using Graph Neural Network with Adversarial Defense

Since the Internet of Things IoT is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract relationships from applications as graphs to generate graph embeddings...

6.8AI score
Exploits0
Rows per page
Query Builder