881 matches found
UBUNTU-CVE-2025-29365
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READSTRINGSYSCALL...
CVE-2025-29365
spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in READSTRINGSYSCALL...
Linux Distros Unpatched Vulnerability : CVE-2025-38408
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - genirq/irqsim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc instead of kmalloc when allocating the...
@freon4dsl/server (>=2.0.0-beta.1 <=2.0.0-beta.5), @tachybase/engine (>=1.0.21 <=1.1.2) +3 more potentially affected by CVE-2025-54420 +1 more via koa (=3.0.0)
koa NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @freon4dsl/server =2.0.0-beta.1, =1.0.21, =1.3.7, =1.4.0, =15.4.0, =15.4.2 Source cves: CVE-2025-54420, CVE-2025-8129 Source advisory:...
Malicious code in pricing-simulator-lib (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c1139ad289202a8351450be1d1d9c57ca94946b8d066fbee4fa70796cc7853 Any computer that has this package installed or running should be considered...
MAL-2025-5822 Malicious code in pricing-simulator-lib (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5c1139ad289202a8351450be1d1d9c57ca94946b8d066fbee4fa70796cc7853 Any computer that has this package installed or running should be considered...
CVE-2025-52573
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573
CVE-2025-52573 affects the iOS Simulator MCP Server (ios-simulator-mcp). The vulnerability arises in the MCP Server’s tool definitions (notably the ui_tap tool) which rely on Node.js child process API exec. When untrusted input is used for parameters such as duration, udid, x, and y, shell meta-c...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CVE-2025-52573 Command Injection in MCP Server ios-simulator-mcp
iOS Simulator MCP Server ios-simulator-mcp is a Model Context Protocol MCP server for interacting with iOS simulators. Versions prior to 1.3.3 are written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. T...
CyGym: a Simulation-Based Game-Theoretic Analysis Framework for Cybersecurity
We introduce a novel cybersecurity encounter simulator between a network defender and an attacker designed to facilitate game-theoretic modeling and analysis while maintaining many significant features of real cyber defense. Our simulator, built within the OpenAI Gym framework, incorporates...
iOS Simulator MCP Server 操作系统命令注入漏洞
iOS Simulator MCP Server is an MCP server for interacting with iOS Simulator by Joshua Yoes, an individual developer. An operating system command injection vulnerability exists in iOS Simulator MCP Server versions prior to 1.3.3, which stems from a command injection vulnerability in some MCP Serv...
PT-2025-26970 · Apple · Ios Simulator Mcp Server
Name of the Vulnerable Software and Affected Versions: iOS Simulator MCP Server versions prior to 1.3.3 Description: The issue concerns a command injection vulnerability in the MCP Server tool definition and implementation. The MCP Server exposes the tool ui tap, which relies on the Node.js child...
Algorithmic Approaches to Enhance Safety in Autonomous Vehicles: Minimizing Lane Changes and Merging
The rapid advancements in autonomous vehicle AV technology promise enhanced safety and operational efficiency. However, frequent lane changes and merging maneuvers continue to pose significant safety risks and disrupt traffic flow. This paper introduces the Minimizing Lane Change Algorithm MLCA, ...
Delta Electronics COMMGR Insufficient Randomization Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Delta Electronics COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PLC simulator service, which listens on TCP port 8895 by default. By...
CVE-2023-30967
Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a Path traversal issue allowing an unauthenticated user to read arbitrary files on the file system...
CVE-2023-34314
Insecure inherited permissions in some IntelR Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2023-47583
Multiple out-of-bounds read vulnerabilities exist in TELLUS Simulator V4.0.17.0 and earlier. If a user opens a specially crafted file X1 or V9 file, information may be disclosed and/or arbitrary code may be executed...