540 matches found
FlowPure: Continuous Normalizing Flows for Adversarial Purification
Despite significant advancements in the area, adversarial robustness remains a critical challenge in systems employing machine learning models. The removal of adversarial perturbations at inference time, known as adversarial purification, has emerged as a promising defense strategy. To achieve...
Adversarial Suffix Filtering: a Defense Pipeline for LLMs
Large Language Models LLMs are increasingly embedded in autonomous systems and public-facing environments, yet they remain susceptible to jailbreak vulnerabilities that may undermine their security and trustworthiness. Adversarial suffixes are considered to be the current state-of-the-art...
php: Stream HTTP wrapper truncates redirect location to 1024 bytes
A flaw was found in PHP. This vulnerability allows incorrect URL truncation and redirection to the wrong location via HTTP redirect handling due to a limited location buffer size...
WordPress plugin License For Envato 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-16621 · WordPress · Wpfactory Custom Css
Name of the Vulnerable Software and Affected Versions: WPFactory Custom CSS, JS & PHP versions n/a through 2.4.1 Description: A Cross-Site Request Forgery CSRF issue allows Remote Code Inclusion. This is a critical issue that can be exploited remotely. Recommendations: For versions n/a through...
CVE-2025-1782
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated...
PT-2025-16085
Name of the Vulnerable Software and Affected Versions: EventON versions prior to 2.3.2 EventON version 2.3.2 Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local File...
CVE-2022-20685
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit th...
PHP Parser 安全漏洞
PHP Parser is a PHP parser written in PHP by Nikita Popov, a personal developer. A security vulnerability exists in PHP Parser version v3.2.1, which stems from the lib.combine function containing a prototype contamination vulnerability...
Malicious code in karma-fest-preprocessor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12fc59d44987dfafc3d0226a2629d1aa8294664f22936a59406d8e77b6695b2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-130 Malicious code in karma-fest-preprocessor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12fc59d44987dfafc3d0226a2629d1aa8294664f22936a59406d8e77b6695b2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-32536 · Unknown +1 · Nasm Netwide Assember +1
Name of the Vulnerable Software and Affected Versions: NASM Netwide Assember version 2.17rc0 Description: A use after free issue exists in the do directive function within the preproc.c file. Exploitation requires local access. An exploit for this issue has been publicly disclosed and may be used...
PT-2025-32538 · Unknown +1 · Nasm Netwide Assembler +1
Name of the Vulnerable Software and Affected Versions: NASM Netwide Assembler version 2.17rc0 Description: A flaw exists in the parse smacro template function within the preproc.c file. This issue leads to a null pointer dereference. Local access is required for exploitation. An exploit has been...
Unstructured 安全漏洞
Unstructured is an open source preprocessor for unstructured data from Unstructured Open Source. A security vulnerability exists in Unstructured 0.14.2 and earlier versions, which stems from vulnerability to XML External Entity XXE attacks via XMLParser...
WordPress plugin Funnelforms Free 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
DEBIAN-CVE-2024-8932
In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, uncontrolled long string inputs to ldapescape function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write...
CVE-2022-20685
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit th...
CVE-2022-20685
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit th...
WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin NIX Anti-Spam Light versions = 0.0.4...
Symfony 注入漏洞
Symfony is a PHP framework for web and console applications and a set of reusable PHP components from Symfony. Symfony suffers from an injection vulnerability that stems from allowing the separation of a PHP application from its global state...