1381 matches found

Redos
added 2026/05/05 12:0 a.m. | 10 views

ROS-20260505-73-0001

Vulnerability in zabbix7.4 related to the use of externally controlled input data for class selection. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.9 CVSS | 6.2 AI score | 0.00285 EPSS
Exploits: 0

Packet Storm News
added 2026/05/04 12:0 a.m. | 7 views

LiteShield: Hybrid Feature Selection-Driven Lightweight Intrusion Detection for Resource-Constrained IoT Networks

The rapid expansion of Internet of Things (IoT) deployments has enlarged the attack surface of modern digital infrastructure while exposing a key security mismatch: many intrusion detection systems (IDSs) remain too computationally expensive for constrained IoT environments. This paper presents...

5.8 AI score
Exploits: 0

NVD
added 2026/05/02 11:16 p.m. | 23 views

CVE-2026-7670

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may b...

7.5 CVSS | 0.00259 EPSS
Exploits: 0 | References: 4

ATTACKERKB
added 2026/05/02 10:15 p.m. | 8 views

CVE-2026-7670

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may b...

7.5 CVSS | 6.8 AI score | 0.00259 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Positive Technologies
added 2026/05/02 12:0 a.m. | 8 views

PT-2026-36640

Name of the Vulnerable Software and Affected Versions: Jinher OA version 1.0. Description: A remote SQL injection flaw exists in the file '/C6/JHSoft.Web.PlanSummarize/UserSel.aspx'. The issue is triggered by the manipulation of the DeptIDList argument within an unknown function of that file. SQL...

7.5 CVSS | 7.1 AI score | 0.00259 EPSS
Exploits: 0 | References: 6

Packet Storm News
added 2026/05/01 12:0 a.m. | 6 views

Self-Adaptive Multi-Agent LLM-Based Security Pattern Selection for IoT Systems

The adoption of Internet of Things (IoT) systems at the network edge of smart architectures is increasing rapidly, intensifying the need for security mechanisms that are both adaptive and resource-efficient. In such environments, runtime defence mechanisms are no longer limited to detection alone b...

5.9 AI score
Exploits: 0

Positive Technologies
added 2026/04/28 12:0 a.m. | 8 views

PT-2026-35877

Name of the Vulnerable Software and Affected Versions: CoreDNS (affected versions not specified). Description: The transfer plugin in CoreDNS contains an issue where the wrong Access Control List (ACL) stanza may be selected when both a parent zone and a more-specific subzone are configured. Although...

8.2 CVSS | 5.8 AI score | 0.00588 EPSS
Exploits: 1 | References: 78

OSV
added 2026/04/27 6:33 p.m. | 13 views

JLSEC-2026-218 In situations where an attacker receives automated notification of the success or failure of a...

In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted...

4.3 CVSS | 6.1 AI score | 0.03838 EPSS
Exploits: 0 | References: 44

Packet Storm News
added 2026/04/26 12:0 a.m. | 4 views

SeqShield: A Behavioral Analysis Approach to Uncover Rootkits

Rootkits are among the most elusive types of malware, capable of bypassing traditional static analysis methods due to their metamorphic behavior. Signature-based detection techniques struggle against these threats, necessitating a shift toward dynamic analysis approaches. We propose SeqShield, a...

5.7 AI score
Exploits: 0

Packet Storm News
added 2026/04/25 12:0 a.m. | 5 views

Semantic Denial of Service in LLM-Controlled Robots

Safety-oriented instruction-following is supposed to keep LLM-controlled robots safe. We show it also creates an availability attack surface. By injecting short safety-plausible phrases (1-5 tokens) into a robot's audio channel, an adversary can trigger the model's safety reasoning to halt or disrupt...

5.6 AI score
Exploits: 0

OSV
added 2026/04/24 1:8 p.m. | 4 views

SUSE-SU-2026:21440-1 Security update for ovmf

This update for ovmf fixes the following issues:
- CVE-2026-25833: mbedtls: buffer overflow in the x509_inet_pton_ipv6 function (bsc#1261476).
- CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello (bsc#1261477).
- CVE-2026-25835: mbedtls: no...

7.7 CVSS | 6 AI score | 0.00308 EPSS
Exploits: 0 | References: 9

NVD
added 2026/04/23 10:16 p.m. | 3 views

CVE-2026-41353

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

8.1 CVSS | 0.00335 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2026/04/23 9:58 p.m. | 3 views

CVE-2026-41353 OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

8.1 CVSS | 5.3 AI score | 0.00335 EPSS
Exploits: 0 | References: 3

Cvelist
added 2026/04/23 9:58 p.m. | 39 views

CVE-2026-41353 OpenClaw < 2026.3.22 - allowProfiles Bypass via Profile Mutation and Runtime Selection

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

8.1 CVSS | 0.00335 EPSS
Exploits: 0 | References: 3

CVE
added 2026/04/23 9:58 p.m. | 26 views

CVE-2026-41353

OpenClaw is vulnerable in versions before 2026.3.22 due to an access control bypass in the allowProfiles feature. The root cause is persistent profile mutation and runtime profile selection, enabling remote attackers to manipulate browser proxy profiles at runtime to access restricted profiles a...

8.1 CVSS | 5.8 AI score | 0.00335 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2026/04/23 12:0 a.m. | 9 views

PT-2026-34784

OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile mutation and runtime profile selection. Remote attackers can exploit this by manipulating browser proxy profil...

8.1 CVSS | 5.8 AI score | 0.00335 EPSS
Exploits: 0 | References: 5

NVD
added 2026/04/22 4:16 p.m. | 5 views

CVE-2018-25262

Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...

6.9 CVSS | 0.00181 EPSS
Exploits: 1 | References: 3

CVE
added 2026/04/22 2:56 p.m. | 14 views

CVE-2018-25262

Angry IP Scanner for Linux 3.5.3 contains a denial-of-service vulnerability that crashes the application when a malformed input is supplied in the port selection field. The issue can be triggered by pasting a string containing buffer overflow patterns into the Preferences Ports tab. The CVE notes...

6.9 CVSS | 6 AI score | 0.00181 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2026/04/22 2:56 p.m. | 28 views

CVE-2018-25262 Angry IP Scanner for Linux 3.5.3 Denial of Service

Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences...

6.9 CVSS | 0.00181 EPSS
Exploits: 1 | References: 3

Tenable Nessus
added 2026/04/21 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010727)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010727 advisory. The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 Double-Hash...

3.3 CVSS | 6 AI score | 0.00426 EPSS
Exploits: 1 | References: 3