30 matches found
Can Developers Rely on LLMs for Secure IaC Development?
We investigated the capabilities of GPT-4o and Gemini 2.0 Flash for secure Infrastructure as Code (IaC) development. For security smell detection, on the Stack Overflow dataset, which primarily contains small, simplified code snippets, the models detected at least 71% of security smells when prompt...
EUVD-2021-20981
Malware in sbrugna...
EUVD-2021-18858
Malware in sbrugna...
EUVD-2020-16810
Malware in sbrugna...
EUVD-2023-12610
Malicious code in bioql PyPI...
EUVD-2021-6526
Malicious code in bioql PyPI...
CVE-2025-3873 Buffer overflow in Si91x crypto APIs
The following APIs for the Silicon Labs SiWx91x prior to version 3.4.0 failed to check the size of the output buffer of the caller, which could lead to data corruption on the host Cortex-M4 application. slsi91xaes slsi91xgcm slsi91xccm slsi91xsha...
SUSE-SU-2025:01981-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors (bsc#1244082). - CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084). - CVE-2025-49177: Data leak in XFIXES Extension 6...
SUSE-SU-2025:01980-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors (bsc#1244082). - CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084). - CVE-2025-49177: Data leak in XFIXES Extension 6...
SUSE-SU-2025:01974-1 Security update for xwayland
This update for xwayland fixes the following issues: - CVE-2025-49175: Out-of-bounds access in X Rendering extension Animated cursors (bsc#1244082). - CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084). - CVE-2025-49177: Data leak in XFIXES Extension 6 XFixesSetClientDisconnectMod...
CVE-2025-1651
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2022-41894
TensorFlow is an open source platform for machine learning. The reference kernel of the `CONV_3D_TRANSPOSE` TensorFlow Lite operator wrongly increments the `data_ptr` when adding the bias to the result. Instead of `data_ptr += num_channels;` it should be `data_ptr += output_num_channels;` as if the number of inp...
PT-2025-7466 · Grub +3
Name of the Vulnerable Software and Affected Versions: grub2 (affected versions not specified). Description: The issue arises when the grub's UDF filesystem module allocates internal buffers based on user-controlled data length metadata while reading data from disk. In certain scenarios, it assumes...
CVE-2015-20111
miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was possible in...
Important: json-c
Issue Overview: A flaw was found in json-c. In `printbuf_memappend`, certain crafted values can overflow the memory, allowing an attacker to write past the memory boundary. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-127...
CVE-2022-42060
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data...
CVE-2022-42058
Tenda AC1200 Router Model W15Ev2 V15.11.0.101576 was discovered to contain a stack overflow via the setRemoteWebManage function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data...
CVE-2021-46321
Tenda AC Series Router AC11V02.03.01.104CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data...
CVE-2021-37354
Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data...