
10781 matches found

Malwarebytes
added 2025/10/17 8:10 a.m. | 7 views

Under the engineering hood: Why Malwarebytes chose WordPress as its CMS

It might surprise some that a security company would choose WordPress as the backbone of its digital content operations. After all, WordPress is often associated with open-source plugins, community themes, and a wide range of deployment practices—some stronger than others. But that perception...

AI score 7
Exploits 0
SUSE CVE
added 2025/10/16 11:39 p.m. | 4 views

SUSE CVE-2025-2529

Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...

CVSS 3.7 | AI score 7 | EPSS 0.0019
Exploits 0 | References 3
OSV
added 2025/10/16 6:41 p.m. | 3 views

GHSA-2CJV-6WG9-F4F3 Strapi Password Hashing is Missing Maximum Password Length Validation

Summary: Strapi's password hashing implementation using bcryptjs lacks maximum password length validation. Since bcryptjs truncates passwords exceeding 72 bytes, this creates potential vulnerabilities such as authentication bypass and performance degradation. POC: Create an admin user with a passwo...

CVSS 6.3 | AI score 7 | EPSS 0.00383
Exploits 1 | References 4
RedhatCVE
added 2025/10/16 4:1 p.m. | 5 views

CVE-2025-2529

Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...

CVSS 2.9 | AI score 6.9 | EPSS 0.0019
Exploits 0 | References 1
Redos
added 2025/10/16 12:0 a.m. | 7 views

ROS-20251016-03

A vulnerability in the FirmwarePerformancePei.c component of the UEFI EDK2 open source development environment is related to the lack of division by zero check. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVSS 6 | AI score 6.7 | EPSS 0.00217
Exploits 0
EUVD
added 2025/10/15 9:31 p.m. | 4 views

EUVD-2022-55091

In the Linux kernel, the following vulnerability has been resolved: x86/mce: Work around an erratum on fast string copy instructions. A rare kernel panic scenario can happen when the following conditions are met due to an erratum on fast string copy instructions: 1) An uncorrected error. 2) That err...

CVSS 5.5 | AI score 6.2 | EPSS 0.00244
Exploits 0 | References 3
OSV
added 2025/10/15 4:15 p.m. | 5 views

CVE-2025-2529

Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...

CVSS 3.7 | AI score 5.8
Exploits 0 | References 1
NVD
added 2025/10/15 4:15 p.m. | 13 views

CVE-2025-2529

Applications using affected versions of Ehcache 3.x can experience degraded cache-write performance if the application using Ehcache utilizes keys sourced from malicious external parties in an unfiltered/unsalted way...

CVSS 3.7 | EPSS 0.0019
Exploits 0 | References 1
Packet Storm News
added 2025/10/15 12:0 a.m. | 27 views

Toward Cybersecurity-Expert Small Language Models

Large language models (LLMs) are transforming everyday applications, yet deployment in cybersecurity lags due to a lack of high-quality, domain-specific models and training datasets. To address this gap, we present CyberPal 2.0, a family of cybersecurity-expert small language models (SLMs) ranging fr...

AI score 7
Exploits 0
Microsoft KB
added 2025/10/14 12:0 a.m. | 8 views

Support for Windows Server 2016 will end in January 2027

Support for Windows Server 2016 will end in January 2027. We recommend upgrading to the latest version of Windows Server. Running the latest version of Windows Server allows you to use the latest features – including the latest security features – and delivers the best performance. To learn more...

AI score 6.9
Exploits 0
Tenable Nessus
added 2025/10/13 12:0 a.m. | 4 views

SolarWinds Database Performance Analyzer (DPA) Installed (Linux)

Binary data solarwindsdpanixinstalled.nbin...

AI score 7
Exploits 0 | References 1
Packet Storm News
added 2025/10/12 12:0 a.m. | 4 views

Post-Quantum Cryptography and Quantum-Safe Security: A Comprehensive Survey

Post-quantum cryptography (PQC) is moving from evaluation to deployment as NIST finalizes standards for ML-KEM, ML-DSA, and SLH-DSA. This survey maps the space from foundations to practice. We first develop a taxonomy across lattice-, code-, hash-, multivariate-, isogeny-, and MPC-in-the-Head...

AI score 6.8
Exploits 0
OSV
added 2025/10/10 2:34 p.m. | 7 views

CLSA-2025-1760106873 exiv2: Fix of CVE-2025-55304

CVE-2025-55304: add new method appendIccProfile to fix quadratic performance issue...

CVSS 5.5 | AI score 5.8 | EPSS 0.00226
Exploits 1 | References 1
Snyk
added 2025/10/09 11:45 p.m. | 2 views

Malicious Package

Overview: kpi-media-metrics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 6.8
Exploits 0 | References 2
Tenable Nessus
added 2025/10/09 12:0 a.m. | 4 views

Fedora 41 : webkitgtk (2025-f2bfde9326)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f2bfde9326 advisory. Update to 2.50.0: Improved rendering performance by recording each layer once and replaying every dirty region in different worker threads. Enable...

CVSS 9.8 | AI score 6.8 | EPSS 0.00952
Exploits 0 | References 5
Tenable Nessus
added 2025/10/08 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-53583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start. Since commit 096b52fd2bb4...

CVSS 5.5 | AI score 5.7 | EPSS 0.00145
Exploits 0 | References 2
Tenable Nessus
added 2025/10/08 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39953

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup: split cgroup_destroy_wq into 3 workqueues. A hung task can occur during [1] LTP cgroup testing when repeatedly mounting/unmounting perf_event and net_prio...

CVSS 5.5 | AI score 6.3 | EPSS 0.00137
Exploits 0 | References 3
Tenable Nessus
added 2025/10/08 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-50476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb_netdev: Use dev_kfree_skb_any in interrupt context. TX/RX callback handlers ntb_netdev_tx_handler, ntb_netdev_rx_handler can be called in interrupt context via the DMA...

CVSS 5.5 | AI score 6 | EPSS 0.00149
Exploits 0 | References 3
OSV
added 2025/10/07 4:15 p.m. | 3 views

UBUNTU-CVE-2023-53664

In the Linux kernel, the following vulnerability has been resolved: OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate. "opp" pointer is dereferenced before the IS_ERR_OR_NULL check. Fix it by removing the dereference to cache opp_table and dereference it directly where opp_table is...

CVSS 5.5 | AI score 6.2 | EPSS 0.00119
Exploits 0 | References 5
EUVD
added 2025/10/07 3:21 p.m. | 5 views

EUVD-2025-32747

In the Linux kernel, the following vulnerability has been resolved: OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate. "opp" pointer is dereferenced before the IS_ERR_OR_NULL check. Fix it by removing the dereference to cache opp_table and dereference it directly where opp_table is...

AI score 6 | EPSS 0.00119
Exploits 0 | References 3