Lucene search
K

7921 matches found

OSV
OSV
added 2026/02/24 4:18 p.m.4 views

MAL-2026-1019 Malicious code in spark-audit-notify (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c527925d1e7cb4055b6c154326cd54a713ad543349c2b3b6f8ab8f0d75e8cbe During installation, host identification details including AD domain are exfiltrated through a series of functions obfuscating this behavior. --- Category:...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/24 3:18 p.m.9 views

Malicious code in do-not-install-this-package-003 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3b7a8f2037bd4c28a5474af17179da0c12e37019623f5efa4d081d60758d4ac9 During installation, the package exfiltrates env variables and data from different process memory to a remote location --- Category: MALICIOUS - The campaign h...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/02/24 12:19 a.m.7 views

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...

7.5CVSS5.8AI score0.00355EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/24 12:19 a.m.6 views

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...

7.5CVSS6AI score0.00355EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/24 12:19 a.m.5 views

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the PFCP Association Setup Request process. An attacker can cause service disruption and trigger reconnection loops by sending a malformed request that is incorrectly accepted, resulting in an inconsisten...

7.5CVSS6AI score0.00355EPSS
Exploits1References2
NVD
NVD
added 2026/02/23 10:16 p.m.7 views

CVE-2025-69232

free5GC is an open-source project for 5th generation 5G mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote...

7.5CVSS0.00355EPSS
Exploits1References2
CVE
CVE
added 2026/02/23 9:27 p.m.40 views

CVE-2025-69232

CVE-2025-69232 affects free5GC go-upf up to version 1.2.6 and free5gc smf up to 1.4.0. It is an Improper Input Validation and Protocol Compliance vulnerability that can cause Denial of Service: a remote attacker sends a malformed PFCP Association Setup Request, which UPF accepts and enters an inc...

7.5CVSS5.5AI score0.00355EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/02/23 9:27 p.m.7 views

CVE-2025-69232 free5GC hasProtocol Compliance Violation in UPF Leading to SMF Service Disruption

free5GC is an open-source project for 5th generation 5G mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote...

6.9CVSS5.5AI score0.00355EPSS
Exploits1References2
OSV
OSV
added 2026/02/23 9:27 p.m.6 views

CVE-2025-69232 free5GC hasProtocol Compliance Violation in UPF Leading to SMF Service Disruption

free5GC is an open-source project for 5th generation 5G mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote...

6.9CVSS5.9AI score0.00355EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/02/23 10:17 a.m.5 views

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. In affected versions the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read...

9.1CVSS5.9AI score0.00756EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/02/23 7:26 a.m.7 views

CVE-2026-2926

A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...

9CVSS6.2AI score0.00642EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/02/23 12:0 a.m.4 views

An Explainable Memory Forensics Approach for Malware Analysis

Memory forensics is an effective methodology for analyzing living-off-the-land malware, including threats that employ evasion, obfuscation, anti-analysis, and steganographic techniques. By capturing volatile system state, memory analysis enables the recovery of transient artifacts such as decrypt...

6AI score
Exploits0
OSV
OSV
added 2026/02/22 2:51 p.m.7 views

MAL-2026-982 Malicious code in trunket-dev-driver (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9ed872a63bcf6182fad3d7b6cfbe87019ff531f1ecff3a511b10371479c79810 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/22 8:24 a.m.158 views

gemini-exploit

Project Demo - Totally Legitimate Software Overview This...

6.6AI score
Exploits0
OSV
OSV
added 2026/02/22 4:48 a.m.17 views

MAL-2026-979 Malicious code in home-robot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f5296b22d674fc768fb08662c83b8de3fd07455f6fc2d4f7b433319551cb808e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
NVD
NVD
added 2026/02/22 2:16 a.m.8 views

CVE-2026-2905

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

9CVSS0.00556EPSS
Exploits1References5
OSV
OSV
added 2026/02/22 2:16 a.m.5 views

CVE-2026-2905

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

8.8CVSS6.5AI score0.00556EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/22 1:2 a.m.7 views

CVE-2026-2905

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

9CVSS6.3AI score0.00556EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/22 1:2 a.m.5 views

CVE-2026-2905 Tenda HG9 Wireless Configuration Endpoint formWlanSetup stack-based overflow

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploi...

9CVSS8.9AI score0.00556EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/22 12:0 a.m.8 views

Tenda HG9 安全漏洞

The Tenda HG9 is a WiFi router produced by the Chinese company Tenda. The Tenda HG9 300001138 version has a security vulnerability. This vulnerability stems from incorrect handling of parameters “ssid” in the file “Wireless Configuration Endpoint” of the component “boaform/formWlanSetup”, which m...

9CVSS7.6AI score0.00556EPSS
Exploits1References5
Rows per page
Query Builder