CVE-2025-4587 A/B Testing for WordPress <= 1.18.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all versions up to, and including, 1.18.2 due to insufficient input sanitization and output escaping on the 'id' parameter. This makes it...

Brocade Fabric OS 9.1.x < 9.1.1d7 RCE (BSA-2025-2930)

The version of Brocade FabricOS installed on the remote host is 9.1.x prior to 9.1.1d7. It is, therefore, affected by a remote code execution vulnerability as referenced in the BSA-2025-2930 advisory: - Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Citrix Netscaler_Application_Delivery_Controller

Citrix CVE-2025-6543 Script para determinar si Citrix es vul...

CVE-2025-6624

Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables or command line arguments can be exposed when executing Snyk CLI in DEBUG or...

Fedora 41 : firefox (2025-1605ec3e86)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1605ec3e86 advisory. - Updated to latest upstream 140.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

Malicious code in kwp-a-b-testing (npm)

The package communicates with a domain associated with malicious activity...

Poster: Enhancing GNN Robustness for Network Intrusion Detection Via Agent-Based Analysis

Graph Neural Networks GNNs show great promise for Network Intrusion Detection Systems NIDS, particularly in IoT environments, but suffer performance degradation due to distribution drift and lack robustness against realistic adversarial attacks. Current robustness evaluations often rely on...

Exploit for CVE-2025-0133

CVE-2025-0133 Vulnerability Scanner A Bash-based automated sc...

CVE-2025-6285

A vulnerability was found in PHPGurukul COVID19 Testing Management System 2021. It has been rated as problematic. This issue affects some unknown processing of the file /search-report-result.php. The manipulation of the argument q leads to cross site scripting. The attack may be initiated remotel...

Exploit for OS Command Injection in Php

CVE-2024-4577 PHP CGI Remote Code Execution Exploit Author:...

PT-2025-28874

Vulnerability Summary Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.12.33-cloudflare-2025.6.3 and earlier. Description: A flaw exists in the Linux kernel related to improper flushing of XDP redirect lists within the bnxt driver. This can lead to a kernel crash whe...

Nipah virus Testing Management System /registered-user-testing.php SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. The Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter testtype in the file...

Nipah virus Testing Management System /bwdates-report-ds.php file SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. Nipah Virus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the testtype parameter of the /bwdates-report-ds.php fil...

DUMB and DUMBer: Is Adversarial Training Worth It in the Real World?

Adversarial examples are small and often imperceptible perturbations crafted to fool machine learning models. These attacks seriously threaten the reliability of deep neural networks, especially in security-sensitive domains. Evasion attacks, a form of adversarial attack where input is modified a...

IDOL: Improved Different Optimization Levels Testing for Solidity Compilers

As blockchain technology continues to evolve and mature, smart contracts have become a key driving force behind the digitization and automation of transactions. Smart contracts greatly simplify and refine the traditional business transaction processes, and thus have had a profound impact on vario...

Pushing the Limits of Safety: a Technical Report on the ATLAS Challenge 2025

Multimodal Large Language Models MLLMs have enabled transformative advancements across diverse applications but remain susceptible to safety threats, especially jailbreak attacks that induce harmful outputs. To systematically evaluate and improve their safety, we organized the Adversarial Testing...

LLM-Based Dynamic Differential Testing for Database Connectors with Reinforcement Learning-Guided Prompt Selection

Database connectors are critical components enabling applications to interact with underlying database management systems DBMS, yet their security vulnerabilities often remain overlooked. Unlike traditional software defects, connector vulnerabilities exhibit subtle behavioral patterns and are...

Leveraging GPT-4 for Vulnerability-Witnessing Unit Test Generation

In the life-cycle of software development, testing plays a crucial role in quality assurance. Proper testing not only increases code coverage and prevents regressions but it can also ensure that any potential vulnerabilities in the software are identified and effectively fixed. However, creating...

Navigating the Growing Field of Research on AI for Software Testing

In industry, software testing is the primary method to verify and validate the functionality, performance, security, usability, and so on, of software-based systems. Test automation has gained increasing attention in industry over the last decade, following decades of intense research into test...

CVE-2025-6287

A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /test-details.php of the component Take Action. The manipulation of the argument remark leads to cross site scripting. Th...