2812 matches found
AutoVAPT
█████╗ ██╗ ██╗████████╗ ██████╗ ██╗ ██╗ █████╗ ██████╗...
sbom-risk-analyzer
SBOM-Risk-Analyzer Exploitability-weighted vulnerability pri...
pentestai
PentestAI Autonomous penetration testing framework for intent...
CRESS: Quantifying Vulnerabilities of Attack Scenarios in Hardware Reverse Engineering
The safety, security, and reliability of microelectronic systems depend on a trustworthy, secured supply chain and design flow. Globally distributed supply chains or unintentional design weaknesses leave the door open for attacks on the hardware level. These scenarios encompass counterfeiting,...
web-enumerator
🔍 Web Enumeration & Attack Testing Tool A professional‑grade...
Pencak Silat Digital Scoring SQL注入漏洞
Pencak Silat Digital Scoring is a digital scoring system for martial arts competitions developed by Yudha Yogasara. Version 18.10 of Pencak Silat Digital Scoring contains an SQL injection vulnerability. This vulnerability arises from injecting malicious code through the idpartai parameter, which...
Less panic patching, more precision
Welcome to this week's edition of the Threat Source newsletter. Recently, Martin closed his introduction with a warning: Ready or not, the time of much patching is coming. I've been chewing on that one for a while because I'm rethinking my own enrichment pipelines along these lines, and the...
project_hydra
Project HYDRA Automated vulnerability discovery & exploitat...
Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs
Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...
gnome-shell bug fix and enhancement update
An update is available for gnome-shell. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...
cockpit-composer bug fix and enhancement update
An update is available for cockpit-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
osbuild-composer security update
An update is available for osbuild-composer. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images an...
eip-search
Exploit Intel Platform CLI Search Tool Package/command: eip-...
zparty
Zparty Automated web penetration testing framework with loc...
search-cve
Intelligence Engine A lean Python CLI that aggregates CVE i...
PT-2026-39925
Due to missing authorization check in SAP Strategic Enterprise Management Scorecard Wizard in Business Server Pages, an authenticated attacker could access information that they are otherwise unauthorized to view. This vulnerability also enables the attacker to change the default settings and...
AI Native Asset Intelligence
Modern security environments generate fragmented signals across cloud resources, identities, configurations, and third-party security tools. Although AI-native security assistants improve access to this data, they remain largely reactive: users must ask the right questions and interpret...
Qualys TotalAI Achieves FedRAMP Moderate (FedRAMP Certified Class C) Authorization
Key Takeaways Federal AI adoption is accelerating faster than governance and approved security tooling. Risk now spans models, infrastructure, and the software supply chain. AI threats often mimic normal usage, which makes it difficult to detect with static methods. Meeting mandated federal...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
check-copyfail check-copyfail.sh is a read-only Bash script...
PIIGuard: Mitigating PII Harvesting under Adversarial Sanitization
Browsing-enabled LLM assistants can fetch webpages and answer contact-seeking queries, creating a practical channel for scraping contact-style personally identifiable information PII from public pages. Many prior defenses are deployed at the model, service, or agent layer rather than at the webpa...