Lucene search
+L

826 matches found

Packet Storm News
Packet Storm News
added 2026/02/03 12:0 a.m.5 views

Mopri - an Analysis Framework for Unveiling Privacy Violations in Mobile Apps

Everyday services of society increasingly rely on mobile applications, resulting in a conflicting situation between the possibility of participation on the one side and user privacy and digital freedom on the other. In order to protect users' rights to informational self-determination, regulatory...

5.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/03 12:0 a.m.7 views

I Can't Believe It's Not a Valid Exploit

Recently Large Language Models LLMs have been used in security vulnerability detection tasks including generating proof-of-concept PoC exploits. A PoC exploit is a program used to demonstrate how a vulnerability can be exploited. Several approaches suggest that supporting LLMs with additional...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/01 2:36 a.m.189 views

Toxic_Flow_Analysis_Framework_For_Agentic_AI

Toxic Flow Analysis TFA Framework A Secure-by-Design framew...

6AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/02/01 12:23 a.m.9 views

SUSE CVE-2026-23026

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...

2.5CVSS5.8AI score0.00183EPSS
Exploits0References19
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.56 views

Sifting the Noise: A Comparative Study of LLM Agents in Vulnerability False Positive Filtering

Static Application Security Testing SAST tools are essential for identifying software vulnerabilities, but they often produce a high volume of false positives FPs, imposing a substantial manual triage burden on developers. Recent advances in Large Language Model LLM agents offer a promising...

5.4AI score
Exploits0
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fixed a race condition caused by TOCTOU in raininterrupt In the interrupt handler raininterrupt, the check for buffer fullness on rain-buflen is performed before acquiring rain-buflock. This creates a...

4.7CVSS6.7AI score0.00125EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property; therefore, it is completely valid for the corresponding data-usbmiscdata to have a NULL value. This check was performed before dereferencing t...

5.5CVSS6.4AI score0.00155EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the VP8 stateless decoder’s “smatch” warning. A “smatch” static checker warning was fixed in vdecvp8reqif.c. This issue causes the kernel to crash when fb is NULL...

5.5CVSS6.4AI score0.00207EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: A NULL pointer check was added in astvhubinitdev. The variable d-name, returned by devmkasprintf, could potentially be NULL. A pointer check was added to prevent potential NULL pointer dereferencing. This is...

5.5CVSS6.3AI score0.00254EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.83 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mfd: ene-kb3930: Fixed a potential NULL pointer dereferencing issue. The “offgpios” variable could potentially be NULL. A missing check was added in the “kb3930probe” function. This is similar to the issue fixed in commit...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/26 11:36 p.m.2 views

Cross-site Scripting (XSS)

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Cross-site...

8.1CVSS6AI score0.0031EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/01/26 12:0 a.m.15 views

AgenticSCR: An Autonomous Agentic Secure Code Review for Immature Vulnerabilities Detection

Secure code review is critical at the pre-commit stage, where vulnerabilities must be caught early under tight latency and limited-context constraints. Existing SAST-based checks are noisy and often miss immature, context-dependent vulnerabilities, while standalone Large Language Models LLMs are...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.9 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37755)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37755 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: libwx: handle pagepooldevallocpages...

5.5CVSS6.8AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21736)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21736 advisory. - In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in...

5.5CVSS6.7AI score0.00216EPSS
Exploits0References2
Veracode
Veracode
added 2026/01/20 9:50 a.m.9 views

Detection Bypass

fickling is vulnerable to detection bypass. The vulnerability is due to improper handling and analysis of Python builtins during pickle decompilation, which allows an attacker to bypass detection mechanisms and evade static analysis of malicious pickle payloads...

9.3CVSS5.9AI score0.00264EPSS
Exploits0References7Affected Software1
Packet Storm News
Packet Storm News
added 2026/01/20 12:0 a.m.6 views

An Empirical Study on Remote Code Execution in Machine Learning Model Hosting Ecosystems

Model-sharing platforms, such as Hugging Face, ModelScope, and OpenCSG, have become central to modern machine learning development, enabling developers to share, load, and fine-tune pre-trained models with minimal effort. However, the flexibility of these ecosystems introduces a critical security...

6.3AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/19 12:0 a.m.6 views

Static Detection of Core Structures in Tigress Virtualization-Based Obfuscation Using an LLVM Pass

Malware often uses obfuscation to hinder security analysis. Among these techniques, virtualization-based obfuscation is particularly strong because it protects programs by translating original instructions into attacker-defined virtual machine VM bytecode, producing long and complex code that is...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/17 12:0 a.m.6 views

Enhancing Fuzz Testing Efficiency through Automated Fuzz Target Generation

Fuzzing continues to be the most effective method for identifying security vulnerabilities in software. In the context of fuzz testing, the fuzzer supplies varied inputs to fuzz targets, which are designed to comprehensively exercise critical sections of the client code. Various studies have...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/15 12:0 a.m.39 views

Multi-Agent Taint Specification Extraction for Vulnerability Detection

Static Application Security Testing SAST tools using taint analysis are widely viewed as providing higher-quality vulnerability detection results compared to traditional pattern-based approaches. However, performing static taint analysis for JavaScript poses two major challenges. First,...

5.5AI score
Exploits0
NVD
NVD
added 2026/01/13 4:16 p.m.5 views

CVE-2025-68820

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

0.00177EPSS
Exploits0References8
Rows per page
Query Builder