95 matches found
GHSA-77X9-RF64-92GV Free5GC AMF Bypasses UE Security Capabilities on NGAP PathSwitchRequest
Summary The AMF in Free5GC v4.2.1 does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against its locally stored values, as mandated by 3GPP TS 33.501 §6.7.3.1. A malicious gNB can overwrite the AMF's stored UE security capabilities with arbitrary values, whic...
Exploit for Missing Authentication for Critical Function in Cpanel
🛡️ CVE-2026-41940-Exploit-PoC - Test your cPanel server securi...
PT-2026-33635
Apache Struts CVE-2026-6056 has been rejected, indicating no current security threat. This highlights the importance of verifying CVE statuses before panic. NerdieNews CyberSecurity InfoSec Ransomware Malware https://t.co/uHuPsnGEPa...
CLSA-2026-1773137907 nginx: Fix of CVE-2026-1642
CVE-2026-1642: fix upstream TLS proxy vulnerability allowing MITM inject plaintext into proxied responses; enforce strict upstream TLS verification and reject injected plaintext...
SecureRAG-RTL: A Retrieval-Augmented, Multi-Agent, Zero-Shot LLM-Driven Framework for Hardware Vulnerability Detection
Large language models LLMs have shown remarkable capabilities in natural language processing tasks, yet their application in hardware security verification remains limited due to scarcity of publicly available hardware description language HDL datasets. This knowledge gap constrains LLM performan...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to the DefaultConfig function, which sets TlsInsecureSkipVerify to true, disabling TLS certificate verification for all outgoing storage driver communications. An attacker can intercept and manipulate...
CVE-2024-39671
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-66491
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...
AlmaLinux 10 : podman (ALSA-2025:10549)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:10549 advisory. podman: podman missing TLS verification CVE-2025-6032 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...
EUVD-2021-17141
Malware in sbrugna...
EUVD-2014-3500
Malware in sbrugna...
EUVD-2025-9977
Malicious code in bioql PyPI...
EUVD-2024-39409
Malicious code in bioql PyPI...
EUVD-2024-38176
Malicious code in bioql PyPI...
EUVD-2025-9967
Malicious code in bioql PyPI...
EUVD-2025-9962
Malicious code in bioql PyPI...
EUVD-2025-9948
Malicious code in bioql PyPI...
SV-LLM: an Agentic Approach for SoC Security Verification Using Large Language Models
Ensuring the security of complex system-on-chips SoCs designs is a critical imperative, yet traditional verification techniques struggle to keep pace due to significant challenges in automation, scalability, comprehensiveness, and adaptability. The advent of large language models LLMs, with their...
CVE-2024-42033
Access control vulnerability in the security verification module mpact: Successful exploitation of this vulnerability will affect integrity and confidentiality...
ThreatLens: LLM-Guided Threat Modeling and Test Plan Generation for Hardware Security Verification
Current hardware security verification processes predominantly rely on manual threat modeling and test plan generation, which are labor-intensive, error-prone, and struggle to scale with increasing design complexity and evolving attack methodologies. To address these challenges, we propose...