Lucene search
K

307 matches found

CVE
CVE
added 2026/02/22 1:2 p.m.18 views

CVE-2026-2946

CVE-2026-2946 affects rymcu forest up to version 0.0.5. The vulnerability is in the function XssUtils.replaceHtmlCode (src/main/java/com/rymcu/forest/util/XssUtils.java) of the Article Content/Comments/Portfolio component, enabling cross-site scripting. The issue enables remote exploitation and t...

5.4CVSS3.5AI score0.00217EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/22 1:2 p.m.29 views

CVE-2026-2946 rymcu forest Article Content/Comments/Portfolio XssUtils.java XssUtils.replaceHtmlCode cross site scripting

A security vulnerability has been detected in rymcu forest up to 0.0.5. Affected by this issue is the function XssUtils.replaceHtmlCode of the file src/main/java/com/rymcu/forest/util/XssUtils.java of the component Article Content/Comments/Portfolio. The manipulation leads to cross site scripting...

5.1CVSS0.00217EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.11 views

forest 代码注入漏洞

Forest is a modern knowledge community backend project developed by RYMCU. It is implemented using SpringBoot, Shiro, MyBatis, JWT, and Redis. Versions of Forest 0.0.5 and earlier have a code injection vulnerability. This vulnerability stems from incorrect operations in the updateUserInfo functio...

5.4CVSS5.7AI score0.00276EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.11 views

forest 代码注入漏洞

Forest is a modern knowledge community backend project developed by RYMCU. It is implemented using SpringBoot, Shiro, MyBatis, JWT, and Redis. Versions of Forest 0.0.5 and earlier have a code injection vulnerability. This vulnerability stems from incorrect operations on the XssUtils.replaceHtmlCo...

5.4CVSS5.7AI score0.00217EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.6 views

PT-2026-21450

Name of the Vulnerable Software and Affected Versions rymcu forest versions up to 0.0.5 Description A cross-site scripting issue exists in rymcu forest. The issue is located in the updateUserInfo function within the src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java file of the...

5.1CVSS4.6AI score0.00276EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.10 views

PT-2026-21431

Name of the Vulnerable Software and Affected Versions rymcu forest versions prior to 0.0.6 Description A security issue exists in rymcu forest up to version 0.0.5. The XssUtils.replaceHtmlCode function within the src/main/java/com/rymcu/forest/util/XssUtils.java file, part of the Article...

5.1CVSS4AI score0.00217EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2026/02/09 12:0 a.m.5 views

Empirical Evaluation of SMOTE in Android Malware Detection with Machine Learning: Challenges and Performance in CICMalDroid 2020

Malware, malicious software designed to damage computer systems and perpetrate scams, is proliferating at an alarming rate, with thousands of new threats emerging daily. Android devices, prevalent in smartphones, smartwatches, tablets, and IoTs, represent a vast attack surface, making malware...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/13 12:0 a.m.8 views

Malware Detection Based on API Calls: A Reproducibility Study

This study independently reproduces the malware detection methodology presented by Felli cious et al. 7, which employs order-invariant API call frequency analysis using Random Forest classification. We utilized the original public dataset 250,533 training samples, 83,511 test samples and replicat...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/12 12:0 a.m.5 views

Memory-Based Malware Detection under Limited Data Conditions: A Comparative Evaluation of TabPFN and Ensemble Models

Artificial intelligence and machine learning have significantly advanced malware research by enabling automated threat detection and behavior analysis. However, the availability of exploitable data is limited, due to the absence of large datasets with real-world data. Despite the progress of AI i...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/07 12:0 a.m.24 views

Decision-Aware Trust Signal Alignment for SOC Alert Triage

Detection systems that utilize machine learning are progressively implemented at Security Operations Centers SOCs to help an analyst to filter through high volumes of security alerts. Practically, such systems tend to reveal probabilistic results or confidence scores which are ill-calibrated and...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/31 12:0 a.m.6 views

Towards Eco Friendly Cybersecurity: Machine Learning Based Anomaly Detection with Carbon and Energy Metrics

The rising energy footprint of artificial intelligence has become a measurable component of US data center emissions, yet cybersecurity research seldom considers its environmental cost. This study introduces an eco aware anomaly detection framework that unifies machine learning based network...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/16 12:0 a.m.6 views

Hybrid Ensemble Method for Detecting Cyber-Attacks in Water Distribution Systems Using the BATADAL Dataset

The cybersecurity of Industrial Control Systems that manage critical infrastructure such as Water Distribution Systems has become increasingly important as digital connectivity expands. BATADAL benchmark data is a good source of testing intrusion detection techniques, but it presents several...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.7 views

PT-2025-49943

CVE-2025-67569 Missing Authorization vulnerability in scriptsbundle AdForest adforest allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AdFo… https://t.co/690H9QRGac...

5.3CVSS6.9AI score0.00222EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/12/07 12:0 a.m.4 views

A Comprehensive Study of Supervised Machine Learning Models for Zero-Day Attack Detection: Analyzing Performance on Imbalanced Data

Among the various types of cyberattacks, identifying zero-day attacks is problematic because they are unknown to security systems as their pattern and characteristics do not match known blacklisted attacks. There are many Machine Learning ML models designed to analyze and detect network attacks,...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/06 12:0 a.m.6 views

Smart Surveillance: Identifying IoT Device Behaviours Using ML-Powered Traffic Analysis

The proliferation of Internet of Things IoT devices has grown exponentially in recent years, introducing significant security challenges. Accurate identification of the types of IoT devices and their associated actions through network traffic analysis is essential to mitigate potential threats. B...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/26 12:0 a.m.5 views

Unsupervised Anomaly Detection for Smart IoT Devices: Performance and Resource Comparison

The rapid expansion of Internet of Things IoT deployments across diverse sectors has significantly enhanced operational efficiency, yet concurrently elevated cybersecurity vulnerabilities due to increased exposure to cyber threats. Given the limitations of traditional signature-based Anomaly...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/25 12:0 a.m.7 views

Improving the Identification of Real-World Malware's DNS Covert Channels Using Locality Sensitive Hashing

Nowadays, malware increasingly uses DNS-based covert channels in order to evade detection and maintain stealthy communication with its command-and-control servers. While prior work has focused on detecting such activity, identifying specific malware families and their behaviors from captured...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/22 12:0 a.m.7 views

Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway

As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System IDS framework that integrate...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/14 12:0 a.m.5 views

NegBLEURT Forest: Leveraging Inconsistencies for Detecting Jailbreak Attacks

Jailbreak attacks designed to bypass safety mechanisms pose a serious threat by prompting LLMs to generate harmful or inappropriate content, despite alignment with ethical guidelines. Crafting universal filtering rules remains difficult due to their inherent dependence on specific contexts. To...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/11/12 12:0 a.m.6 views

An Explainable Recursive Feature Elimination to Detect Advanced Persistent Threats Using Random Forest Classifier

Intrusion Detection Systems IDS play a vital role in modern cybersecurity frameworks by providing a primary defense mechanism against sophisticated threat actors. In this paper, we propose an explainable intrusion detection framework that integrates Recursive Feature Elimination RFE with Random...

6.8AI score
Exploits0
Rows per page
Query Builder