Lucene search
K

312 matches found

Cvelist
Cvelist
added 2025/07/28 8:20 p.m.10 views

CVE-2025-54427 Polkadot Frontier contains missing `check_inherent` for `note_min_gas_price_target` inflates gas price

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The extrinsic notemingaspricetarget is an inherent extrinsic, meaning only the block producer can call it. To ensure correctness, the ProvideInherent trait should be implemented for each inherent, which...

6.9CVSS0.0055EPSS
Exploits0References3
OSV
OSV
added 2025/07/28 8:20 p.m.5 views

CVE-2025-54427 Polkadot Frontier contains missing `check_inherent` for `note_min_gas_price_target` inflates gas price

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The extrinsic notemingaspricetarget is an inherent extrinsic, meaning only the block producer can call it. To ensure correctness, the ProvideInherent trait should be implemented for each inherent, which...

6.9CVSS6.7AI score0.0055EPSS
Exploits0References5
CVE
CVE
added 2025/07/28 8:8 p.m.28 views

CVE-2025-54426

Summary: Polkadot Frontier’s Curve25519Add and Curve25519ScalarMul precompiles mis-handle invalid Ristretto point representations in versions before commit 36f70d1, silently treating malformed inputs as the Ristretto identity element and potentially yielding incorrect cryptographic results. This ...

9.9CVSS6.4AI score0.00309EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/28 8:8 p.m.5 views

CVE-2025-54426 Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invali...

9.9CVSS6.4AI score0.00309EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/28 8:8 p.m.13 views

CVE-2025-54426 Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invali...

9.9CVSS0.00309EPSS
Exploits0References4
OSV
OSV
added 2025/07/28 8:8 p.m.8 views

CVE-2025-54426 Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invali...

9.9CVSS6.7AI score0.00309EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/07/28 12:0 a.m.4 views

Security Challenges in AI Agent Deployment: Insights from a Large Scale Public Competition

Recent advances have enabled LLM-powered AI agents to autonomously execute complex tasks by combining language model reasoning with tools, memory, and web access. But can these systems be trusted to follow deployment policies in realistic environments, especially under attack? To investigate, we...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.5 views

PT-2025-31154 · Polkadot · Polkadot Frontier

Name of the Vulnerable Software and Affected Versions: Polkadot Frontier versions prior to 0822030 Description: Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The implementation of CallableByContract incorrectly identified contract addresses running under...

6.9CVSS6.5AI score0.00457EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.5 views

PT-2025-31152 · Parity Technologies · Polkadot Frontier

Name of the Vulnerable Software and Affected Versions: Polkadot Frontier versions prior to a754b3d Description: Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The note min gas price target extrinsic is an inherent extrinsic, callable only by the block...

6.9CVSS6.3AI score0.0055EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.6 views

Polkadot Frontier 代码问题漏洞

Polkadot Frontier is a Polkadot EVM open source application that provides a compatibility layer for Ether VMs. A code issue vulnerability exists in versions of Polkadot Frontier prior to 0822030, which stems from a CallableByContract implementation error that could lead to improperly precompiled...

6.9CVSS6.7AI score0.00457EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/28 12:0 a.m.10 views

PT-2025-31151 · Unknown · Polkadot Frontier

Name of the Vulnerable Software and Affected Versions: Polkadot Frontier versions prior to commit 36f70d1 Description: Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristrett...

9.9CVSS6.5AI score0.00309EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.4 views

Polkadot Frontier 代码问题漏洞

Polkadot Frontier is a Polkadot EVM open source application that provides an Ether VM compatibility layer. A code issue vulnerability exists in previous versions of Polkadot Frontier a754b3d that stems from an unimplemented checkinherent function of notemingaspricetarget, which could lead to Gas...

6.9CVSS6.7AI score0.0055EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.5 views

Polkadot Frontier 加密问题漏洞

Polkadot Frontier is a Polkadot EVM open source application that provides an Ethernet VM compatibility layer. A cryptographic issue vulnerability exists in versions prior to Polkadot Frontier 36f70d1, which stems from improper handling of invalid Ristretto points by the Curve25519Add and...

9.9CVSS6.4AI score0.00309EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2025/07/07 12:0 a.m.5 views

Evaluating the Critical Risks of Amazon'S Nova Premier under the Frontier Model Safety Framework

Nova Premier is Amazon's most capable multimodal foundation model and teacher for model distillation. It processes text, images, and video with a one-million-token context window, enabling analysis of large codebases, 400-page documents, and 90-minute videos in a single prompt. We present the fir...

7.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.6 views

AIRTBench: Measuring Autonomous AI Red Teaming Capabilities in Language Models

We introduce AIRTBench, an AI red teaming benchmark for evaluating language models' ability to autonomously discover and exploit Artificial Intelligence and Machine Learning AI/ML security vulnerabilities. The benchmark consists of 70 realistic black-box capture-the-flag CTF challenges from the...

7.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/17 12:0 a.m.39 views

SHADE-Arena: Evaluating Sabotage and Monitoring in LLM Agents

As Large Language Models LLMs are increasingly deployed as autonomous agents in complex and long horizon settings, it is critical to evaluate their ability to sabotage users by pursuing hidden objectives. We study the ability of frontier LLMs to evade monitoring and achieve harmful hidden goals...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/31 12:0 a.m.3 views

Teaching an Old LLM Secure Coding: Localized Preference Optimization on Distilled Preferences

LLM generated code often contains security issues. We address two key challenges in improving secure code generation. First, obtaining high quality training data covering a broad set of security issues is critical. To address this, we introduce a method for distilling a preference dataset of...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/30 12:0 a.m.9 views

Asymmetry by Design: Boosting Cyber Defenders with Differential Access to AI

As AI-enabled cyber capabilities become more advanced, we propose "differential access" as a strategy to tilt the cybersecurity balance toward defense by shaping access to these capabilities. We introduce three possible approaches that form a continuum, becoming progressively more restrictive for...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:2 a.m.3 views

CVE-2023-28431

Frontier is an Ethereum compatibility layer for Substrate. Frontier's modexp precompile uses num-bigint crate under the hood. In the implementation prior to pull request 1017, the cases for modulus being even and modulus being odd are treated separately. Odd modulus uses the fast Montgomery...

7.5CVSS6.7AI score0.00873EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.7 views

CVE-2023-6137

Cross-Site Request Forgery CSRF vulnerability in finnj Frontier Post allows Cross Site Request Forgery.This issue affects Frontier Post: from n/a through 6.1...

8.8CVSS8.5AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder