Lucene search
K

290 matches found

Nuclei
Nuclei
added 2 days ago8 views

WhatsUp Gold GetStatisticalMonitorList SQL Injection - Authentication Bypass

In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. id: CVE-2024-6671 info: name: WhatsUp Gold GetStatisticalMonitorList SQL Injectio...

9.8CVSS7.5AI score0.14886EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 5:29 p.m.4 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

7.5CVSS7.1AI score0.00702EPSS
Exploits0Affected Software1
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.11 views

Bridging the Smart City Cybersecurity Data Gap through AI-Driven Synthetic Dataset Generation

Smart cities rely on interconnected cyber-physical systems that integrate sensors, IoT devices, cloud platforms, and AI-driven services and decision-making. While these systems enhance city services, they also introduce complex cybersecurity challenges due to their large attack surfaces,...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/19 12:0 a.m.13 views

Set Shaping Theory As a Complementary Payload-Shaping Layer for Steganography

This paper studies the use of Set Shaping Theory SST as a reversible payload-shaping layer for least significant bit LSB image steganography. The proposal is not intended to replace existing steganographic methods or to compete with them as a new embedding scheme. Instead, SST is positioned as a...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

编号撤回

R is a statistical computing software from The R Foundation. fe is a lightweight, embeddable ANSI C scripting language developed by rxi. This CVE number has been withdrawn...

5.7AI score0.00075EPSS
Exploits0References1
Fedora
Fedora
added 2026/04/08 12:54 a.m.12 views

[SECURITY] Fedora 43 Update: pspp-2.1.1-5.fc43

PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...

9.8CVSS6.1AI score0.00258EPSS
Exploits5
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of the statistical report area when the number of queues changes. This could lead to...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.9 views

编号撤回

“form” is a form state management program developed by TanStack. “R” is a statistical computing software provided by The R Foundation. This CVE number has been withdrawn...

5.7AI score0.00052EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/02/27 12:0 a.m.3 views

Empowering Future Cybersecurity Leaders: Advancing Students through FINDS Education for Digital Forensic Excellence

The Forensics Investigations Network in Digital Sciences FINDS Research Center of Excellence CoE, funded by the U.S. Army Research Laboratory, advances Digital Forensic Engineering Education DFEE through an integrated research education framework for AI enabled cybersecurity workforce development...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/26 12:0 a.m.13 views

Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection

We introduce Reverse CAPTCHA, an evaluation framework that tests whether large language models follow invisible Unicode-encoded instructions embedded in otherwise normal-looking text. Unlike traditional CAPTCHAs that distinguish humans from machines, our benchmark exploits a capability gap: model...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/18 12:0 a.m.5 views

Regular Expression Denial of Service (ReDoS) Detector

This Metasploit auxiliary module implements a scientific approach to detecting and validating ReDoS vulnerabilities in HTTP-based applications. It leverages context-aware payload generation, length progression testing, and statistical analysis to identify inefficient regular expressions that may...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/02/12 12:0 a.m.64 views

Sparse Autoencoders Are Capable LLM Jailbreak Mitigators

Jailbreak attacks remain a persistent threat to large language model safety. We propose Context-Conditioned Delta Steering CC-Delta, an SAE-based defense that identifies jailbreak-relevant sparse features by comparing token-level representations of the same harmful request with and without...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/27 12:0 a.m.5 views

Burp Suite 2025.12.4 Extension Advanced ReDoS Detector

This Burp Suite Java extension integrates an advanced timing-based ReDoS detection engine into Burp's Active Scanner. It automatically tests HTTP parameters using crafted payloads to identify exponential regex backtracking vulnerabilities. The extension performs warm-up requests, collects baselin...

5.9AI score
Exploits0
EUVD
EUVD
added 2026/01/21 10:27 p.m.5 views

EUVD-2026-4139

FastAPI Api Key has a timing side-channel in verifykey that allows statistical key validity detection...

3.7CVSS5.3AI score0.00254EPSS
Exploits0References5
NVD
NVD
added 2025/12/29 3:15 a.m.8 views

CVE-2025-15168

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

9.8CVSS0.00329EPSS
Exploits1References5
OSV
OSV
added 2025/12/29 3:15 a.m.5 views

CVE-2025-15168

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

9.8CVSS5.8AI score0.00329EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/29 2:32 a.m.4 views

CVE-2025-15168 itsourcecode Student Management System statistical.php sql injection

A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used...

7.5CVSS6.8AI score0.00329EPSS
Exploits1References5
CVE
CVE
added 2025/12/29 2:32 a.m.43 views

CVE-2025-15168

The CVE-2025-15168 entry concerns itsourcecode Student Management System (SMS) 1.0. Affected is the function handling the ID parameter in /statistical.php, where manipulating ID enables an SQL injection. The issue allows remote exploitation and is corroborated by multiple sources noting a publicl...

9.8CVSS6.8AI score0.00329EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.6 views

itsourcecode Student Management System 安全漏洞

itsourcecode Student Management System is an open source student management system from itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Student Management System, which stems from an incorrect manipulation of the parameter ID in the file /statistical.php, which may le...

9.8CVSS7.1AI score0.00329EPSS
Exploits1References5
Packet Storm News
Packet Storm News
added 2025/12/25 12:0 a.m.5 views

A Statistical Side-Channel Risk Model for Timing Variability in Lattice-Based Post-Quantum Cryptography

Timing side-channels are an important threat to cryptography that still needs to be addressed in implementations, and the advent of post-quantum cryptography raises this issue because the lattice-based schemes may produce secret-dependent timing variability with the help of complex arithmetic and...

6.9AI score
Exploits0
Rows per page
Query Builder