Lucene search
K

162 matches found

Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.7 views

CVE-2026-53151

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table for parsing Fix modification of the received skbuff in rxrpcinputsoftacks and a potential incorrect access of the buffer in a fragmented UDP packet the packet would probably hav...

9.8CVSS5.9AI score0.00497EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.9 views

High-Precision APT Malware Attribution with Out-Of-Scope Resilience

Early attribution of Advanced Persistent Threat APT activity can help defenders prioritise investigation, select countermeasures, and reduce the impact of an intrusion. Malware provides useful attribution evidence, but automated APT malware attribution remains difficult in practice. Existing...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/29 7:8 p.m.79 views

astral-tokio-tar has a PAX Header Desynchronization issue

Impact Versions of astral-tokio-tar prior to 0.6.2 contain a PAX header interpretation bug that allows manipulated entries to be made selectively visible or invisible during extraction with astral-tokio-tar versus other tar implementations. An attacker could use this differential to smuggle...

5.8AI score
Exploits0References3Affected Software1
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.22 views

Hijacking Agent Memory: Stealthy Trojan Attacks through Conversational Interaction

Large language model LLM agents increasingly leverage long term memory to support persistent and autonomous task execution. However, this capability also introduces a new attack surface: memory poisoning, where adversaries can inject malicious information to influence future behavior. Existing...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/26 12:0 a.m.14 views

HammerSim: A System-Level Tool to Model RowHammer

Modern architecture research relies on simulators to evaluate system security, yet analyzing emerging hardware vulnerabilities like RowHammer requires full-system visibility. As RowHammer vulnerabilities worsen with continuous technology scaling, existing simulators lack the system-level models...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/18 12:0 p.m.6 views

RUSTSEC-2026-0145 PAX Header Desynchronization in astral-tokio-tar

Versions of astral-tokio-tar prior to 0.6.2 contain a PAX header interpretation bug that allows manipulated entries to be made selectively visible or invisible during extraction with astral-tokio-tar versus other tar implementations. An attacker could use this differential to smuggle unexpected...

5.8AI score
Exploits0References3
RustSec
RustSec
added 2026/05/18 12:0 p.m.19 views

PAX Header Desynchronization in astral-tokio-tar

Versions of astral-tokio-tar prior to 0.6.2 contain a PAX header interpretation bug that allows manipulated entries to be made selectively visible or invisible during extraction with astral-tokio-tar versus other tar implementations. An attacker could use this differential to smuggle unexpected...

5.8AI score
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/05/14 6:27 p.m.9 views

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), apostrophe-personas (>=2.0.0 <=2.2.1) +3 more potentially affected by CVE-2026-45013 via apostrophe (>=0.5.393 <=2.227.12)

apostrophe NPM version =0.5.393, =0.12.2, =2.0.0, =0.5.0, =1.0.0, =1.0.2 Source cves: CVE-2026-45013 Source advisory: OSV:GHSA-GF43-24G3-5HW2...

8.1CVSS5.5AI score0.0025EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/14 6:26 p.m.8 views

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), apostrophe-personas (>=2.0.0 <=2.2.1) +3 more potentially affected by CVE-2026-45012 via apostrophe (>=0.5.393 <=2.227.12)

apostrophe NPM version =0.5.393, =0.12.2, =2.0.0, =0.5.0, =1.0.0, =1.0.2 Source cves: CVE-2026-45012 Source advisory: OSV:GHSA-PR28-MF3Q-QPG6...

7.6CVSS5.5AI score0.00197EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/19 12:0 a.m.9 views

Bit-Flip Vulnerability of Shared KV-Cache Blocks in LLM Serving Systems

Rowhammer on GPU DRAM has enabled adversarial bit flips in model weights; shared KV-cache blocks in LLM serving systems present an analogous but previously unexamined target. In vLLM's Prefix Caching, these blocks exist as a single physical copy without integrity protection. Using software fault...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/16 8:42 p.m.5 views

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), apostrophe-personas (>=2.0.0 <=2.2.1) +3 more potentially affected by CVE-2026-33888 via apostrophe (>=0.5.393 <=2.227.12)

apostrophe NPM version =0.5.393, =0.12.2, =2.0.0, =0.5.0, =1.0.0, =1.0.2 Source cves: CVE-2026-33888 Source advisory: OSV:GHSA-XHQ9-58FW-859P...

5.3CVSS5.8AI score0.00512EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/02/11 12:0 a.m.7 views

GoodVibe: Security-By-Vibe for LLM-Based Code Generation

Large language models LLMs are increasingly used for code generation in fast, informal development workflows, often referred to as vibe coding, where speed and convenience are prioritized, and security requirements are rarely made explicit. In this setting, models frequently produce functionally...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/02 12:0 a.m.23 views

SysFuSS: System-Level Firmware Fuzzing with Selective Symbolic Execution

Firmware serves as the critical interface between hardware and software in computing systems, making any bugs or vulnerabilities particularly dangerous as they can cause catastrophic system failures. While fuzzing is a promising approach for identifying design flaws and security vulnerabilities,...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003677 advisory. Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selectiv...

7.5CVSS6.5AI score0.94686EPSS
Exploits1References32
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002909 advisory. The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which...

5.5CVSS6.4AI score0.01181EPSS
Exploits5References15
Wired Threat Level
Wired Threat Level
added 2026/01/12 6:48 p.m.6 views

GoFundMe Ignores Own Rules by Hosting a Legal-Defense Fund for the ICE Agent Who Killed Renee Good

The fundraiser for the ICE agent in the Renee Good killing has stayed online in seeming breach of GoFundMe’s own terms of service, prompting questions about selective enforcement...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:53 a.m.9 views

CVE-2013-7333

A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices...

7.8CVSS7AI score0.01118EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/11/22 12:0 a.m.5 views

Building Browser Agents: Architecture, Security, and Practical Solutions

Browser agents enable autonomous web interaction but face critical reliability and security challenges in production. This paper presents findings from building and operating a production browser agent. The analysis examines where current approaches fail and what prevents safe autonomous operatio...

7.5AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:47 a.m.3 views

EUVD-2025-74269

Malicious code in selectivepikefuchsia-11 npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:44 a.m.1 views

EUVD-2025-75682

Malicious code in selectivecanid-apptea npm...

6.6AI score
Exploits0
Rows per page
Query Builder