12645 matches found
Arris VIP1113 安全漏洞
The Arris VIP1113 is a set-top box for high-definition IPTV services from Arris USA. A security vulnerability exists in the Arris VIP1113 version 2025-05-30 and earlier, which stems from the fact that remote file names with space characters in TFTP may lead to local file name control...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat, Inc. A security vulnerability exists in FreeFloat FTP Server version 1.0, which stems from a buffer overflow problem in the PBSZ command handler...
Align Is Not Enough: Multimodal Universal Jailbreak Attack against Multimodal Large Language Models
Large Language Models LLMs have evolved into Multimodal Large Language Models MLLMs, significantly enhancing their capabilities by integrating visual information and other types, thus aligning more closely with the nature of human intelligence, which processes a variety of data forms beyond just...
Important: runfinch-finch
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Important: soci-snapshotter
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
The vulnerability of the h11 library, related to deficiencies in HTTP request processing, allows attackers to influence the confidentiality and integrity of the protected information.
The vulnerability of the h11 library is related to deficiencies in HTTP request processing. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality and integrity of the protected information...
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2025-978)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-978 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...
CVE-2025-5331
A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. This vulnerability affects unknown code of the component NLST Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may...
[SECURITY] [DLA 4187-1] varnish security update
Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 28, 2025 https://wiki.debian.org/LTS Package : varnish Version : 6.5.1-1+deb11u5 CVE ID : CVE-2025-47905 A client-side desync vulnerability can be triggered in Varnish, a...
Debian dla-4187 : libvarnishapi-dev - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4187 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4187-1 [email protected] https://www.debian.org/lts/security/...
Important: cri-tools
Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 The net/http package accepted data in the chunked transfer encoding...
Amazon Linux 2 : nerdctl (ALAS-2025-2863)
The version of nerdctl installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2863 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a...
Amazon Linux 2 : oci-add-hooks (ALASNITRO-ENCLAVES-2025-061)
The version of oci-add-hooks installed on the remote host is prior to 0-0.3.20200504git325a340. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-061 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid...
CVE-2025-5295
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0.0. This vulnerability affects unknown code of the component PORT Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney that originates from not properly releasing an HTTP connection after processing a 307 redirect response, which could result in a denial of service...
BugWhisperer: Fine-Tuning LLMs for SoC Hardware Vulnerability Detection
The current landscape of system-on-chips SoCs security verification faces challenges due to manual, labor-intensive, and inflexible methodologies. These issues limit the scalability and effectiveness of security protocols, making bug detection at the Register-Transfer Level RTL difficult. This...
TeleMessage 安全漏洞
TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from the heap content of a JSP application containing a password sent over HTTP...
Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape
When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...
A Joint Reconstruction-Triplet Loss Autoencoder Approach Towards Unseen Attack Detection in IoV Networks
Internet of Vehicles IoV systems, while offering significant advancements in transportation efficiency and safety, introduce substantial security vulnerabilities due to their highly interconnected nature. These dynamic systems produce massive amounts of data between vehicles, infrastructure, and...
FreeFloat FTP Server 安全漏洞
FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the QUOTE Command Handler component to properly validate the length size of input data, no details of the vulnerability are provided at this time...