11953 matches found
MINI-68MC-JQQ4-9MFJ
Bulletin has no description...
MINI-G395-W32H-RC46
Bulletin has no description...
MINI-5M44-VQWR-7GMC
Bulletin has no description...
x86 HVM I/O port list traversal
ISSUE DESCRIPTION HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses...
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without...
MINI-PH48-2JQ4-M2WJ
Bulletin has no description...
EUVD-2025-210083
A vulnerability has been identified in SIPROTEC 5 6MD84 CP300 All versions, SIPROTEC 5 6MD85 CP200 All versions, SIPROTEC 5 6MD85 CP300 All versions, SIPROTEC 5 6MD86 CP200 All versions, SIPROTEC 5 6MD86 CP300 All versions, SIPROTEC 5 6MD89 CP300 All versions, SIPROTEC 5 6MU85 CP300 All versions,...
CVE-2026-41842
Spring MVC and WebFlux applications are vulnerable to Denial of Service DoS attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48...
CVE-2026-41853
CVE-2026-41853 concerns Multipart request smuggling in Spring Framework’s Spring MVC and WebFlux components. Affected are Spring Framework versions: 7.0.0–7.0.7; 6.2.0–6.2.18; 6.1.0–6.1.27; 5.3.0–5.3.48. The CVE entry identifies the issue as a vulnerability in multipart handling, with an accompan...
CVE-2026-41844 Spring Framework Open Redirect in Spring MVC and WebFlux
A Spring MVC or Spring WebFlux application which configures a mapping for "/" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Affected versions: Spring Framework 7.0.0 through...
CVE-2026-41844 Spring Framework Open Redirect in Spring MVC and WebFlux
A Spring MVC or Spring WebFlux application which configures a mapping for "/" where the view name is not explicitly specified allows an attacker to craft a link resulting in a 302 redirect to an arbitrary external host via the redirect: prefix. Affected versions: Spring Framework 7.0.0 through...
CVE-2026-11474
A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...
MINI-FPM2-H88V-MF8R
Bulletin has no description...
MINI-232C-V6F5-F99P
Bulletin has no description...
MINI-JM2C-6239-H696
Bulletin has no description...
MINI-85J2-QXHX-24H6
Bulletin has no description...
PT-2026-48086
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
PT-2026-48087
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
PT-2026-48077
Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier Description A DOM-based Cross-Site Scripting XSS issue allows an attacker to execute malicious JavaScript within the victim's browser by manipulating the Document Object...
Context-Based Adversarial Attacks on AI Code Generators: Vulnerability Analysis and Implications
AI-powered code generation systems have transformed software development but introduce critical inference-time security vulnerabilities. This research presents a systematic investigation of context-based adversarial attacks, where strategically crafted contextual inputs, including comments,...