Lucene search
K

447 matches found

OSV
OSV
added 2025/06/25 5:22 p.m.3 views

MAL-2025-5251 Malicious code in aws-sdk-react-native-core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 626365c8daf9243d0d8281fa741a8537d284b73f873547122f9bdab75513d280 Any computer that has this package installed or running should be considered...

7AI score
Exploits0References1
Amazon
Amazon
added 2025/06/24 12:0 a.m.12 views

Medium: amazon-cloudwatch-agent

Issue Overview: The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result i...

7.5CVSS7.4AI score0.0056EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.4 views

Privacy-Preserving Federated Learning against Malicious Clients Based on Verifiable Functional Encryption

Federated learning is a promising distributed learning paradigm that enables collaborative model training without exposing local client data, thereby protect data privacy. However, it also brings new threats and challenges. The advancement of model inversion attacks has rendered the plaintext...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.5 views

Building Automotive Security on Internet Standards: an Integration of DNSSEC, DANE, and DANCE to Authenticate and Authorize In-Car Services

The automotive industry is undergoing a software-as-a-service transformation that enables software-defined functions and post-sale updates via cloud and vehicle-to-everything communication. Connectivity in cars introduces significant security challenges, as remote attacks on vehicles have become...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/20 12:0 a.m.5 views

Towards Effective Complementary Security Analysis Using Large Language Models

A key challenge in security analysis is the manual evaluation of potential security weaknesses generated by static application security testing SAST tools. Numerous false positives FPs in these reports reduce the effectiveness of security analysis. We propose using Large Language Models LLMs to...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/18 5:41 p.m.3 views

Malicious code in taskcluster-db (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 015560a72e308c3ba1770533176ac7fe0bcfbe4892581829992ee47063774f5c Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/06/13 5:36 p.m.1 views

MAL-2025-4952 Malicious code in eyeblue1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d152785a33262aef07792faf0e6affc3c4b0272ea937b56cb3707f5e4286b9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/05/31 3:56 p.m.2 views

MAL-2025-4619 Malicious code in @seo-frontend-components/card-blog-carousel (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1cfcc9a2754a9e96e7bfd7f7c78281a5016b48feeaa8c61f782bcab5dbe4ae8e The OpenSSF Package Analysis project identified '@seo-frontend-components/card-blog-carousel' @ 1.999.0 npm as malicious. It is considered...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/21 12:0 a.m.5 views

Outsourcing SAT-Based Verification Computations in Network Security

The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/13 12:0 a.m.2 views

Lightweight Hybrid Block-Stream Cryptographic Algorithm for the Internet of Things

In this thesis, a novel lightweight hybrid encryption algorithm named SEPAR is proposed, featuring a 16-bit block length and a 128-bit initialization vector. The algorithm is designed specifically for application in Internet of Things IoT technology devices. The design concept of this algorithm i...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/13 12:0 a.m.2 views

Key Exchange Protocol Based on Circulant Matrix Action over Congruence-Simple Semiring

We present a new key exchange protocol based on circulant matrices acting on matrices over a congruence-simple semiring. We describe how to compute matrices with the necessary properties for the implementation of the protocol. Additionally, we provide an analysis of its computational cost and its...

6.9AI score
Exploits0
Circl
Circl
added 2025/05/09 10:14 p.m.18 views

CVE-2025-4492

creationtimestamp| type| source ---|---|--- 2025-05-09 22:14:49+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorghtllrnq2 2025-05-09 22:26:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15855 2025-05-09...

9.8CVSS7.3AI score0.00454EPSS
Exploits1References4
Circl
Circl
added 2025/05/08 8:23 p.m.31 views

CVE-2025-45797

creationtimestamp| type| source ---|---|--- 2025-05-08 20:23:54+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15614 2025-05-08 21:15:08+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loot2zwpsb32 2025-05-08...

9.8CVSS4.8AI score0.11815EPSS
Exploits1References4
Circl
Circl
added 2025/05/08 4:48 p.m.17 views

CVE-2025-26844

creationtimestamp| type| source ---|---|--- 2025-05-08 16:48:44+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loodjcdwzzj2 2025-05-08 20:07:46+00:00| seen| https://t.me/cvedetector/24837...

9.8CVSS4.8AI score0.00363EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/02 6:17 a.m.11 views

CVE-2025-37773

In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source name check In certain scenarios, for example, during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an extra check for the source name should be...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/05/02 12:0 a.m.14 views

Building a Secure Agentic AI Application Leveraging A2A Protocol

As Agentic AI systems evolve from basic workflows to complex multi agent collaboration, robust protocols such as Google's Agent2Agent A2A become essential enablers. To foster secure adoption and ensure the reliability of these complex interactions, understanding the secure implementation of A2A i...

7.6AI score
Exploits0
CNVD
CNVD
added 2025/04/30 12:0 a.m.2 views

JetBrains TeamCity Path Traversal Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A path traversal vulnerability exists in JetBrains...

9.8CVSS6.4AI score0.00446EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/04/29 12:0 a.m.9 views

A Novel Cipher for Enhancing MAVLink Security: Design, Security Analysis, and Performance Evaluation Using a Drone Testbed

We present MAVShield, a novel lightweight cipher designed to secure communications in Unmanned Aerial Vehicles UAVs using the MAVLink protocol, which by default transmits unencrypted messages between UAVs and Ground Control Stations GCS. While existing studies propose encryption for MAVLink, most...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/19 12:0 a.m.3 views

ScaloWork: Useful Proof-Of-Work with Distributed Pool Mining

Bitcoin blockchain uses hash-based Proof-of-Work PoW that prevents unwanted participants from hogging the network resources. Anyone entering the mining game has to prove that they have expended a specific amount of computational power. However, the most popular Bitcoin blockchain consumes 175.87...

6.9AI score
Exploits0
OSV
OSV
added 2025/04/18 4:12 p.m.3 views

CGA-WMW2-H58H-2WJ3

Bulletin has no description...

6.5CVSS6.4AI score0.0045EPSS
Exploits0
Rows per page
Query Builder