Lucene search
K

447 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/01 9:53 a.m.8 views

Malicious code in turboscan-client (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aadd88a4cebcc045db4b6899180a44c571f6429b26ead528721f7474c03110a0 The OpenSSF Package Analysis project identified 'turboscan-client' @ 99.99.99 rubygems as malicious. It is considered malicious because: - The...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.5 views

PT-2026-33168

Name of the Vulnerable Software and Affected Versions AMD Platform Configuration Blob APCB SMM driver affected versions not specified Description Incorrect use of boot service in the AMD Platform Configuration Blob APCB SMM driver could allow a privileged attacker with local access Ring 0 to...

7.1CVSS6AI score0.00145EPSS
Exploits1References10
Packet Storm News
Packet Storm News
added 2025/08/20 12:0 a.m.2 views

MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-Of-Experts LLMs

The transformer architecture has become a cornerstone of modern AI, fueling remarkable progress across applications in natural language processing, computer vision, and multimodal learning. As these models continue to scale explosively for performance, implementation efficiency remains a critical...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/16 12:0 a.m.2 views

Attack Graph Generation on HPC Clusters

Attack graphs AGs are graphical tools to analyze the security of computer networks. By connecting the exploitation of individual vulnerabilities, AGs expose possible multi-step attacks against target networks, allowing system administrators to take preventive measures to enhance their network's...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.2 views

SAEL: Leveraging Large Language Models with Adaptive Mixture-Of-Experts for Smart Contract Vulnerability Detection

With the increasing security issues in blockchain, smart contract vulnerability detection has become a research focus. Existing vulnerability detection methods have their limitations: 1 Static analysis methods struggle with complex scenarios. 2 Methods based on specialized pre-trained models...

7.5AI score
Exploits0
Gitee
Gitee
added 2025/07/27 4:52 a.m.106 views

TEE-reversing

This repository is an offensive tool for learning how to reverse-engineer and achieve trusted code execution on ARM devices. It contains a curated list of public TEE resources, including papers on TEE reversing and security analysis. The repository includes links to various papers and resources o...

7.6AI score
Exploits0
OSV
OSV
added 2025/07/25 12:0 a.m.2 views

MAL-2025-6231 Malicious code in bufbuild-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ea2a6d8f75509bff2876bce466f00b9c7c810394f46e6479c6e2d8b19acc9557 The OpenSSF Package Analysis project identified 'bufbuild-core' @ 1.0...

7.1AI score
Exploits0
Circl
Circl
added 2025/07/24 12:53 a.m.18 views

CVE-2025-53537

creationtimestamp| type| source ---|---|--- 2025-07-24 00:53:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3luod2qveql2i 2025-10-10 06:46:36+00:00| seen| https://gist.github.com/Darkcrai86/7a8a46ebe032f3a5b6dc4800f88e9437...

7.5CVSS5.5AI score0.0042EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/07/21 1:2 p.m.221 views

Exploit for Type Confusion in Google Chrome

CVE-2024-4947 A in-the-wild V8 type confusion bug. This repo...

9.6CVSS10AI score0.15111EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2025/07/19 12:0 a.m.1 views

Privacy-Preserving Drone Navigation through Homomorphic Encryption for Collision Avoidance

As drones increasingly deliver packages in neighborhoods, concerns about collisions arise. One solution is to share flight paths within a specific zip code, but this compromises business privacy by revealing delivery routes. For example, it could disclose which stores send packages to certain...

6.8AI score
Exploits0
OSV
OSV
added 2025/07/18 5:21 p.m.1 views

MAL-2025-6009 Malicious code in protolab (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 395ceb17d3bf331597e101e685532b4af1d732b5ee31005221b0fcae61b97632 The OpenSSF Package Analysis project identified 'protolab' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/14 12:0 a.m.7 views

MalCodeAI: Autonomous Vulnerability Detection and Remediation Via Language Agnostic Code Reasoning

The growing complexity of cyber threats and the limitations of traditional vulnerability detection tools necessitate novel approaches for securing software systems. We introduce MalCodeAI, a language-agnostic, multi-stage AI pipeline for autonomous code security analysis and remediation. MalCodeA...

7AI score
Exploits0
Circl
Circl
added 2025/07/12 7:51 a.m.14 views

CVE-2025-7465

creationtimestamp| type| source ---|---|--- 2025-07-12 07:51:32+00:00| seen| https://bsky.app/profile/potato.software/post/3ltqusyguui2b...

9CVSS7.3AI score0.00758EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/07/12 12:0 a.m.4 views

When Developer Aid Becomes Security Debt: a Systematic Analysis of Insecure Behaviors in LLM Coding Agents

LLM-based coding agents are rapidly being deployed in software development, yet their security implications remain poorly understood. These agents, while capable of accelerating software development, may inadvertently introduce insecure practices. We conducted the first systematic security...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.4 views

Cockpit Detection

Binary data cockpitdetect.nbin...

7.3AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/04 5:41 p.m.3 views

CVE-2025-38215

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...

7CVSS6.4AI score0.00137EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/06/30 12:0 a.m.77 views

Microsoft FrontPage Server Extensions (FPSE) Detection (HTTP)

HTTP based detection of Microsoft FrontPage Server Extensions FPSE. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.3AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/06/30 12:0 a.m.1 views

Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2025-1707)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.9AI score0.00847EPSS
Exploits1References2
Wolfi
Wolfi
added 2025/06/28 1:47 p.m.12 views

GHSA-FV92-FJC5-JJ9H vulnerabilities

Vulnerabilities for packages: glow, k9s, kyverno-policy-reporter-ui, tempo, jaeger, nri-kubernetes, dive, glab, calico, amazon-cloudwatch-agent, istio, jitsucom-bulker, opa-envoy, cloud-sql-proxy, github-mcp-server, golangci-lint, kor, cluster-api, opentofu, amazon-cloudwatch-agent-operator, wgcf...

5.9AI score
Exploits0
OSV
OSV
added 2025/06/26 6:50 p.m.3 views

MAL-2025-5278 Malicious code in codesandbox-deps (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8cbaaee48ac510c9d11bc481194ff5a4006d0233d8d2d06a3422628cea6a879 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
Rows per page
Query Builder