42 matches found
XSSaudit
XSSAudit v2.0 — Advanced XSS Vulnerability Scanner For au...
CVE-2026-40340
A flaw was found in libgphoto2, a library for camera access and control. An out-of-bounds read vulnerability exists in the ptpunpackOI function due to insufficient validation. A local attacker could exploit this by crafting specific input related to the Samsung Galaxy 64-bit objectsize detection...
CVE-2026-40340
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in ptpunpackOI in camlibs/ptp2/ptp-pack.c lines 530–563. The function validates len PTPoiSequenceNumber i.e., len 48 but subsequently accesses offsets 48–56, up to 9 byt...
CVE-2026-40340
libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in ptpunpackOI in camlibs/ptp2/ptp-pack.c lines 530–563. The function validates len PTPoiSequenceNumber i.e., len 48 but subsequently accesses offsets 48–56, up to 9 byt...
patchbot
patchbot patchbot is an AI-assisted security reviewer for p...
zantetsu-trainer is unmaintained
The zantetsu-trainer crate is no longer maintained. The ML training infrastructure it contained was removed as part of the zantetsu 0.2 release, which replaced the neural parser with a pure heuristic engine. A tombstone version 0.2.0 has been published and 0.1.4 has been yanked. There is no...
pgAdmin 4 Multi‑Target Vulnerability Scanner
This project is a PHP‑based multi‑target vulnerability scanner designed to identify potential exposure to CVE‑2025‑13780 affecting pgAdmin 4 versions 8.14 and below. The tool operates as a heuristic / threat‑intelligence scanner, not an exploit...
SecureScan: An AI-Driven Multi-Layer Framework for Malware and Phishing Detection Using Logistic Regression and Threat Intelligence Integration
The growing sophistication of modern malware and phishing campaigns has diminished the effectiveness of traditional signature-based intrusion detection systems. This work presents SecureScan, an AI-driven, triple-layer detection framework that integrates logistic regression-based classification,...
Taint-Based Code Slicing for LLMs-Based Malicious NPM Package Detection
The increasing sophistication of malware attacks in the npm ecosystem, characterized by obfuscation and complex logic, necessitates advanced detection methods. Recently, researchers have turned their attention from traditional detection approaches to Large Language Models LLMs due to their strong...
HYDRA: A Hybrid Heuristic-Guided Deep Representation Architecture for Predicting Latent Zero-Day Vulnerabilities in Patched Functions
Software security testing, particularly when enhanced with deep learning models, has become a powerful approach for improving software quality, enabling faster detection of known flaws in source code. However, many approaches miss post-fix latent vulnerabilities that remain even after patches...
FuzzRDUCC: Fuzzing with Reconstructed Def-Use Chain Coverage
Binary-only fuzzing often struggles with achieving thorough code coverage and uncovering hidden vulnerabilities due to limited insight into a program's internal dataflows. Traditional grey-box fuzzers guide test case generation primarily using control flow edge coverage, which can overlook bugs n...
Routing and Wavelength Assignment with Minimal Attack Radius for QKD Networks
Quantum Key Distribution QKD can distribute keys with guaranteed security but remains susceptible to key exchange interruption due to physical-layer threats, such as high-power jamming attacks. To address this challenge, we first introduce a novel metric, namely Maximum Number of Affected Request...
DEBIAN-CVE-2025-48385
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...
Anubis 安全漏洞
Anubis is a tool by Xe Iaso Individual Developers. Anubis has a security vulnerability that stems from allowing administrators to protect bots from AI crawling tools by bot-checking heuristic algorithms and proof-of-work challenges to block crawling from multiple IP addresses...
Defeating Kubernetes Privilege Escalation: A Cloud Detection & Response Case Study
This case study serves to highlight the importance of rapid, heuristic, accurate, and contextualized detection and response in the cloud...
K19784568: TMM vulnerability CVE-2016-5023
Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...
gogo
gogo blog posts. - https://chainreactors.github.io/wiki/blog...
heidoc.net Cross Site Scripting vulnerability OBB-2537713
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
AntiVirus Evasion Techniques
Introduction Antivirus software looks for, detects, and eliminates viruses as well as other harmful software such as worms, trojans, adware, and others. Such programs are intended to be used as a preventative measure in cyber security, preventing threats from entering your computer and causing...
[SECURITY] Fedora 33 Update: rubygem-addressable-2.7.0-5.fc33
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. It is flexible, offers heuristic parsing, and additionally provides extensive support for IRIs and URI templates...