28 matches found

CVE
added 2026/06/18 4:5 p.m. · 46 views

CVE-2026-55203

HAProxy

CVSS 9.1 · AI score 5.6 · EPSS 0.00321
Exploits: 0 · References: 2 · Affected Software: 1

Packet Storm News
added 2026/05/08 12:0 a.m. · 8 views

OrchJail: Jailbreaking Tool-Calling Text-To-Image Agents by Orchestration-Guided Fuzzing

Tool-calling text-to-image (T2I) agents can plan and execute multi-step tool chains to accomplish complex generation and editing queries. However, this capability introduces a new safety attack surface: harmful outputs may arise from tool orchestration, where individually benign steps combine into...

AI score 5.9
Exploits: 0

RedHat Linux
added 2026/04/15 10:54 a.m. · 4 views

thunderbird: Out of bounds read in IMAP parsing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were...

CVSS 8.2 · AI score 7.2 · EPSS 0.0036
Exploits: 0 · References: 5

CVE
added 2026/03/10 12:0 a.m. · 7 views

CVE-2026-26741

PX4 Autopilot versions 1.12.x–1.15.x contain a logic flaw in the mode-switching mechanism. When switching from Auto to Manual while the drone is ARMED (post-landing and before automatic disarm via COM_DISARM_LAND), there is no throttle-threshold safety check on the physical throttle stick. This c...

CVSS 8.1 · AI score 5.8 · EPSS 0.00259
Exploits: 1 · References: 1 · Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2020-8203

Malware in sbrugna...

CVSS 2.1 · AI score 4.3 · EPSS 0.00323
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2018-13789

Malware in sbrugna...

CVSS 5.9 · AI score 5.7 · EPSS 0.01054
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 16 views

EUVD-2020-8182

Malware in sbrugna...

CVSS 6.5 · AI score 6.5 · EPSS 0.00704
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-21092

Malicious code in bioql PyPI...

CVSS 5.9 · AI score 6.5 · EPSS 0.00163
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2024-40397

Malicious code in bioql PyPI...

CVSS 9.3 · AI score 6.6 · EPSS 0.02056
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-40403

Malicious code in bioql PyPI...

CVSS 8.3 · AI score 6.6 · EPSS 0.00831
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2022-2307

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 5.5 · EPSS 0.01172
Exploits: 0 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-40395

Malicious code in bioql PyPI...

CVSS 9.3 · AI score 6.6 · EPSS 0.01658
Exploits: 0 · References: 3

Github Security Blog
added 2025/08/14 10:23 p.m. · 14 views

User-defined implementations of the safe trait scratchpad::Tracking can cause heap buffer overflows

The get and set methods of the public trait scratchpad::Tracking interact with unsafe code regions in the crate, and they influence the computation of addresses returned as raw pointers. However, the trait itself is not marked as unsafe, meaning users may provide custom implementations under the...

AI score 7.8
Exploits: 0 · References: 3 · Affected Software: 1

Schneier on Security
added 2025/07/16 4:57 p.m. · 4 views

Hacking Trains

Seems like an old system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) device, is attached to the back of a train and sends...

AI score 7.5
Exploits: 0

Positive Technologies
added 2025/07/10 12:0 a.m. · 5 views

PT-2025-29125

Name of the Vulnerable Software and Affected Versions: End-of-Train (EoT) and Head-of-Train (HoT) devices (affected versions not specified). Description: A critical vulnerability exists in the remote linking protocol used for End-of-Train (EoT) and Head-of-Train (HoT) devices, which rely on a BCH checksum for...

CVSS 9.4 · AI score 8.8 · EPSS 0.0053
Exploits: 0 · References: 27

Cvelist
added 2025/06/24 12:28 p.m. · 12 views

CVE-2025-6434 HTTPS-Only exception screen lacked anti-clickjacking delay

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 1...

EPSS 0.00227
Exploits: 0 · References: 3

Positive Technologies
added 2025/06/17 12:0 a.m. · 5 views

PT-2025-27249 · Crates.Io · Wasmtime-Jit-Debug

The unsound function dump code load record uses from raw parts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dump code load record is actually 'unsafe' since it requires the caller to guarantee tha...

CVSS 6.9 · AI score 7.3
Exploits: 0 · References: 5

Packet Storm News
added 2025/05/16 12:0 a.m. · 5 views

AutoRAN: Weak-To-Strong Jailbreaking of Large Reasoning Models

This paper presents AutoRAN, the first automated, weak-to-strong jailbreak attack framework targeting large reasoning models (LRMs). At its core, AutoRAN leverages a weak, less-aligned reasoning model to simulate the target model's high-level reasoning structures, generates narrative prompts, and...

AI score 7.6
Exploits: 0

NVD
added 2025/05/13 10:15 a.m. · 18 views

CVE-2025-24007

A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). Affected devices only provide weak password obfuscation. An attacker with network access could retrieve and de-obfuscate the safety password used for protection again...

CVSS 8.7 · EPSS 0.00247
Exploits: 0 · References: 1

CISA
added 2025/01/30 12:0 p.m. · 27 views

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health (HPH) sector. Analysts discovered that an embedded backdoor function with a hard-coded IP...

CVSS 8.2 · AI score 8 · EPSS 0.01116
Exploits: 0 · References: 8