410 matches found
CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target
The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...
CVE-2025-69893
CVE-2025-69893 describes a side-channel vulnerability in BIP-39 mnemonic processing observed in Trezor hardware wallets (One v1.13.0–v1.14.0, T v1.13.0–v1.14.0, Safe v1.13.0–v1.14.0). The root cause is non-constant time execution and specific branch patterns during word search dictated by the BIP...
Linux Distros Unpatched Vulnerability : CVE-2026-5713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The profiling.sampling module Python 3.15+ and asyncio introspection capabilities 3.14+, python -m asyncio ps and python -m asyncio pstree features could be use...
PT-2026-32696
Name of the Vulnerable Software and Affected Versions CPython versions 3.14 and later Description The profiling.sampling module and asyncio introspection capabilities, specifically the 'python -m asyncio ps' and 'python -m asyncio pstree' commands, allow for out-of-bounds read and write operation...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from the profiling.sampling module and the asyncio introspection feature. This vulnerability may allow access to addresses within privileged processes during readi...
Your extensions leak clues about you, so we made sure Browser Guard doesn’t
Did you know you can be profiled based on the browser extensions you use? Advertisers can detect which extensions are installed and use that to build a picture of the kind of user you are. For instance, do you pride yourself on being a good online shopper who never pays full price? Maybe you use ...
Towards the Development of an LLM-Based Methodology for Automated Security Profiling in Compliance with Ukrainian Cybersecurity Regulations
In recent years, the pace of development of information technology in various areas has increased drastically, forcing cybersecurity specialists to constantly review existing processes in order to prevent unauthorized access to confidential information. Using Ukraine as a primary case study, this...
Google Android Denial of Service Vulnerability (CNVD-2026-13147)
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from improper input validation in multiple functions of ProfilingService.java, and can be exploited by an attacker to cause a denial of service...
CVE-2025-48585
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48585
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48585
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-208206
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
CVE-2025-48587 is linked to Google Android and involves multiple functions in ProfilingService.java where improper input validation can cause a persistent local denial of service without user interaction or extra privileges. The condition is confirmed across CVE/NVD entries and mirrored in relate...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48587
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48585
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...