10 matches found
GNU C Library Security Vulnerability
The GNU C Library is an open-source, free C-language compiler program published by the GNU community under the LGPL license. Versions of the GNU C Library 2.43 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a buffer overflow in the nislocalprincipal function,...
EUVD-2025-34657
On the BIG-IP system, undisclosed endpoints that contain static non-sensitive information are accessible to an unauthenticated remote attacker through the Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
Data Flows in You: Benchmarking and Improving Static Data-Flow Analysis on Binary Executables
Data-flow analysis is a critical component of security research. Theoretically, accurate data-flow analysis in binary executables is an undecidable problem, due to complexities of binary code. Practically, many binary analysis engines offer some data-flow analysis capability, but we lack...
WordPress plugin KiviCare SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
CVE-2017-13319
In pvmp3getmaindatasize of pvmp3getmaindatasize.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation...
MAL-2023-8276 Malicious code in n-common-static-data (npm)
Source: ghsa-malware 05c17f4dab236eeb1c55ab41ae1a96d282e4752ab3eee194cf73869f3354554b. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in n-common-static-data (npm)
Source: ghsa-malware 05c17f4dab236eeb1c55ab41ae1a96d282e4752ab3eee194cf73869f3354554b. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The Benefits of Including Static Data Masking in Your Security Arsenal
Static data masking (SDM) is defined as, “The act of permanently replacing sensitive data at rest with a realistic fictional equivalent for the purpose of protecting data from unwanted disclosure.” Industry analysts characterize SDM as a must-have data protection layer capable of protecting large...
New Research Paper: Prevalence and impact of low-entropy packing schemes in the malware ecosystem
Detection of malware is a constant battle between the technologies designed to detect and prevent malware and the authors creating them. One common technique adversaries leverage is packing binaries. Packing an executable is similar to applying compression or encryption and can inhibit the abilit...
Static Versus Dynamic Data Masking
Most participants in the trench warfare of IT security agree that the best way to protect data is to apply a layered approach to security. Data masking is a security and privacy enhancing technology recommended by industry analysts as a must-have data protection layer. While terminology varies...