
17053 matches found

Packet Storm News
added 2025/10/01 12:0 a.m. | 5 views

Breaking the Code: Security Assessment of AI Code Agents through Systematic Jailbreaking Attacks

Code-capable large language model (LLM) agents are increasingly embedded into software engineering workflows where they can read, write, and execute code, raising the stakes of safety-bypass "jailbreak" attacks beyond text-only settings. Prior evaluations emphasize refusal or harmful-text detection...

7.7 AI score
Exploits: 0

CNNVD
added 2025/10/01 12:0 a.m. | 5 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PM runtime leak that could lead to resource exhaustion...

6.1 AI score | 0.00143 EPSS
Exploits: 0 | References: 4

ICS
added 2025/09/30 6:0 a.m. | 7 views

OpenPLC_V3

RISK EVALUATION Successful exploitation of this vulnerability could cause a denial of service, making the PLC runtime process crash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

7.1 CVSS | 7.3 AI score | 0.00199 EPSS
Exploits: 0 | References: 11

RedhatCVE
added 2025/09/29 4:58 p.m. | 2 views

CVE-2025-10954

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range". Mitigatio...

6.9 CVSS | 6.4 AI score | 0.00421 EPSS
Exploits: 1 | References: 2

IBM Security Bulletins
added 2025/09/29 4:6 p.m. | 18 views

Security Bulletin: Buffer overflow, uncontrolled recursion, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to buffer overflow, uncontrolled recursion, and other. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site...

9.8 CVSS | 8 AI score | 0.02164 EPSS
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/09/29 3:31 p.m. | 7 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to IBM Semeru Runtime ( CVE-2025-50059, CVE-2025-30761 & CVE-2025-30754 )

Summary IBM App Connect Enterprise is vulnerable to Improper Access Control and Deserialization of Untrusted Data due to IBM Semeru Runtime. Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ...

8.6 CVSS | 6 AI score | 0.00551 EPSS
Exploits: 0 | Affected Software: 1

Veracode
added 2025/09/29 3:38 a.m. | 6 views

Improper Access Control

com.liferay, com.liferay.portal.workflow.kaleo.runtime.impl is vulnerable to Improper Access Control. The vulnerability is due to improper access through the expandoTableLocalService, which allows an attacker to gain unauthorized access to sensitive resources...

9.1 CVSS | 7.1 AI score | 0.00267 EPSS
Exploits: 0 | References: 9 | Affected Software: 1

OSV
added 2025/09/27 6:30 a.m. | 2 views

GHSA-FMJH-F678-CV3X github.com/nyaruka/phonenumbers Vulnerable to Improper Validation of Syntactic Correctness of Input

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...

6.9 CVSS | 6.9 AI score | 0.00421 EPSS
Exploits: 1 | References: 5

Github Security Blog
added 2025/09/27 6:30 a.m. | 10 views

github.com/nyaruka/phonenumbers Vulnerable to Improper Validation of Syntactic Correctness of Input

Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse function. An attacker can cause a panic by providing crafted input causing a "runtime error: slice bounds out of range"...

7.5 CVSS | 6.9 AI score | 0.00421 EPSS
Exploits: 1 | References: 5 | Affected Software: 1

Packet Storm News
added 2025/09/27 12:0 a.m. | 4 views

AutoML in Cybersecurity: An Empirical Study

Automated machine learning (AutoML) has emerged as a promising paradigm for automating machine learning (ML) pipeline design, broadening AI adoption. Yet its reliability in complex domains such as cybersecurity remains underexplored. This paper systematically evaluates eight open-source AutoML...

6.9 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/09/26 9:26 a.m. | 3 views

Malicious code in com.unity.dots.runtime (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0

OSV
added 2025/09/26 9:26 a.m. | 2 views

MAL-2025-47627 Malicious code in com.unity.dots.runtime (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0

The Hacker News
added 2025/09/25 7:59 a.m. | 5 views

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fastlog to steal Solana and Ethereum wallet keys from source code. The crates, named fasterlog and asyncprintln, were published by the threat actor under the alias rustguruman and...

7.2 AI score
Exploits: 0

Tenable Nessus
added 2025/09/25 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-39868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erofs: fix runtime warning on truncatefoliobatchexceptionals Commit 0e2f80afcfa6fs/dax: ensu...

7.8 CVSS | 6.1 AI score | 0.00133 EPSS
Exploits: 0 | References: 2

Tenable Product Security Advisories
added 2025/09/24 6:46 p.m. | 5 views

[R1] Tenable Patch Management Fixes One Vulnerability

R1 Tenable Patch Management Fixes One Vulnerability Jason Schavel Wed, 09/24/2025 - 14:46 Tenable Patch Management leverages third-party software to help provide underlying functionality. One of the third-party components JRE was found to contain a vulnerability, and an updated version has been...

6.8 AI score
Exploits: 0

vulnersOsv
added 2025/09/24 6:30 p.m. | 6 views

icu-to-json (>=0.0.1 <=0.0.20) potentially affected by CVE-2025-57353 via @messageformat/runtime (=3.0.1)

@messageformat/runtime NPM version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @messageformat/runtime and may be impacted: - icu-to-json =0.0.1, =0.0.20 Source cves: CVE-2025-57353 Source advisory: OSV:GHSA-6XV4-9CQP-92RH...

5.3 CVSS | 5.8 AI score | 0.0032 EPSS
Exploits: 0

IBM Security Bulletins
added 2025/09/24 8:21 a.m. | 8 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses org.eclipse.core.runtime 3.10.0.v20140318-2214 which is vulnerable to CVE-2023-4218

Summary IBM Maximo Application Suite - Manage Component uses org.eclipse.core.runtime 3.10.0.v20140318-2214 which is vulnerable to CVE-2023-4218. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE...

5 CVSS | 6.3 AI score | 0.00386 EPSS
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/09/24 6:52 a.m. | 2 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data (CVE-2025-30749, CVE-2025-30754, CVE-2025-30761, CVE-2025-50059 and CVE-2025-50106)

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Version 17 used by IBM Decision Optimization for IBM Cloud Pak for Data. IBM Decision Optimization for IBM Cloud Pak for Data has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability ...

8.6 CVSS | 6.6 AI score | 0.01058 EPSS
Exploits: 1 | Affected Software: 1

SUSE Linux
added 2025/09/24 2:4 a.m. | 6 views

Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070078 fixes several issues. The following security issues were fixed: CVE-2025-38498: dochangetype: refuse to operate on unmounted/not ours mounts bsc1247499. CVE-2025-38555: usb: gadget : fix use-after-free in compositedevcleanup bsc1248298. Patch...

8.5 CVSS | 7 AI score | 0.00162 EPSS
Exploits: 0 | References: 8

Vulnrichment
added 2025/09/24 12:0 a.m. | 3 views

CVE-2025-57353

The Runtime components of messageformat package for Node.js before 3.0.2 contain a prototype pollution vulnerability. Due to insufficient validation of nested message keys during the processing of message data, an attacker can manipulate the prototype chain of JavaScript objects by providing...

6.6 AI score | 0.0032 EPSS
Exploits: 0 | References: 5