739 matches found
EUVD-2023-48674
Malicious code in bioql PyPI...
EUVD-2021-9374
Malicious code in bioql PyPI...
EUVD-2022-39572
Malicious code in bioql PyPI...
EUVD-2021-9383
Malicious code in bioql PyPI...
EUVD-2025-6113
Malicious code in bioql PyPI...
EUVD-2024-1109
Malicious code in bioql PyPI...
EUVD-2023-2954
Malicious code in bioql PyPI...
EUVD-2025-23811
Malicious code in bioql PyPI...
EUVD-2022-34634
Malicious code in bioql PyPI...
EUVD-2022-6862
Malicious code in bioql PyPI...
EUVD-2015-3484
Malicious code in bioql PyPI...
SafeSearch: Automated Red-Teaming for the Safety of LLM-Based Search Agents
Search agents connect LLMs to the Internet, enabling access to broader and more up-to-date information. However, unreliable search results may also pose safety threats to end users, establishing a new threat surface. In this work, we conduct two in-the-wild experiments to demonstrate both the...
How Far Are We? an Empirical Analysis of Current Vulnerability Localization Approaches
Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when processing large volumes of commit histories, while being...
Can Codeless Testing Tools Detect Common Security Vulnerabilities?
Learn what Codeless Testing Tools are and how effective they are in detecting common security vulnerabilities, along with understanding their strengths and limitations...
PatchSeeker: Mapping NVD Records to Their Vulnerability-Fixing Commits with LLM Generated Commits and Embeddings
Software vulnerabilities pose serious risks to modern software ecosystems. While the National Vulnerability Database NVD is the authoritative source for cataloging these vulnerabilities, it often lacks explicit links to the corresponding Vulnerability-Fixing Commits VFCs. VFCs encode precise code...
Race Condition
shopware/platform is vulnerable to Race Condition. The vulnerability is due to improper handling of concurrent requests in the voucher system, which allows attackers to bypass voucher restrictions and exceed usage limitations...
CVE-2025-40766
The CVE-2025-40766 vulnerability affects Siemens SINEC Traffic Analyzer versions prior to 3.0. The issue arises from docker containers running with insufficient resource and security limitations, enabling a local attacker to perform a denial-of-service (DoS) attack. Evidence across multiple sourc...
Shopware race condition bypasses voucher restrictions
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations...
GHSA-27GV-MG7W-MM34 Shopware race condition bypasses voucher restrictions
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations...
CVE-2025-7954 Race Condition in Shopware Voucher Submission
A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations...