784 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-25780

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 6.6 | EPSS 0.00119
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-1450

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.0105
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-1167

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 5.4 | EPSS 0.00851
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-28446

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 6.6 | EPSS 0.00211
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-20927

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.2 | EPSS 0.01179
Exploits: 0 | References: 5

Packet Storm News
added 2025/09/28 12:0 a.m. | 3 views

SafeSearch: Automated Red-Teaming for the Safety of LLM-Based Search Agents

Search agents connect LLMs to the Internet, enabling access to broader and more up-to-date information. However, unreliable search results may also pose safety threats to end users, establishing a new threat surface. In this work, we conduct two in-the-wild experiments to demonstrate both the...

AI score 7.2
Exploits: 0

Schneier on Security
added 2025/09/22 11:3 a.m. | 6 views

Details About Chinese Surveillance and Propaganda Companies

Details from leaked documents: While people often look at China’s Great Firewall as a single, all-powerful government system unique to China, the actual process of developing and maintaining it works the same way as surveillance technology in the West. Geedge collaborates with academic institutio...

AI score 6.7
Exploits: 0

RedHat Linux
added 2025/09/17 6:17 p.m. | 35 views

gnutls: Vulnerability in GnuTLS SCT extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3 | AI score 7 | EPSS 0.01179
Exploits: 0 | References: 5

RedHat Linux
added 2025/09/17 5:13 p.m. | 18 views

gnutls: Vulnerability in GnuTLS SCT extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3 | AI score 7 | EPSS 0.01179
Exploits: 0 | References: 5

CISA
added 2025/09/03 12:0 p.m. | 4 views

CISA, NSA, and Global Partners Release a Shared Vision of Software Bill of Materials (SBOM) Guidance

CISA, in collaboration with NSA and 19 international partners, released joint guidance outlining A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity. This marks a significant step forward in strengthening software supply chain transparency and security worldwide. An SBOM is a form...

AI score 6.7
Exploits: 0 | References: 3

Packet Storm News
added 2025/09/03 12:0 a.m. | 3 views

CISA: a Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity

CISA and the National Security Agency (NSA) in collaboration with 19 international cybersecurity organizations, have released joint guidance outlining a shared global vision of Software Bill of Materials (SBOM). This milestone reflects a growing international consensus on the importance of software...

AI score 7
Exploits: 0

RedhatCVE
added 2025/08/30 6:18 p.m. | 5 views

CVE-2025-8700

Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context...

CVSS 4.8 | AI score 6.4 | EPSS 0.00127
Exploits: 0 | References: 1

SUSE Linux
added 2025/08/29 9:13 a.m. | 6 views

Security update for gnutls

This update for gnutls fixes the following issues: CVE-2025-32988: Fixed double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc1246232). CVE-2025-32989: Fixed heap buffer overread when handling the CT SCT extension during X.509 certificate...

CVSS 9.2 | AI score 7.1 | EPSS 0.01185
Exploits: 0 | References: 16

OSSF Malicious Packages
added 2025/08/28 7:32 a.m. | 2 views

Malicious code in key-transparency (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7
Exploits: 0

OSV
added 2025/08/28 7:32 a.m. | 1 views

MAL-2025-41577 Malicious code in key-transparency (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7
Exploits: 0

Tenable Nessus
added 2025/08/28 12:0 a.m. | 4 views

TencentOS Server 4: gnutls (TSSA-2025:0540)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0540 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 8.2 | AI score 6.4 | EPSS 0.01185
Exploits: 0 | References: 4

NVD
added 2025/08/26 1:15 p.m. | 4 views

CVE-2025-8700

Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context...

CVSS 4.8 | EPSS 0.00127
Exploits: 0 | References: 2

NVD
added 2025/08/26 1:15 p.m. | 3 views

CVE-2025-53811

The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted...

CVSS 4.8 | EPSS 0.00119
Exploits: 0 | References: 2

Cvelist
added 2025/08/26 12:23 p.m. | 9 views

CVE-2025-8700 Privilege Escalation via get-task-allow entitlement in Invoice Ninja

Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context...

CVSS 4.8 | EPSS 0.00127
Exploits: 0 | References: 2

Vulnrichment
added 2025/08/26 12:23 p.m. | 2 views

CVE-2025-8597 Privilege Escalation via get-task-allow entitlement in MacVim.app

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVSS 4.8 | AI score 6.7 | EPSS 0.00127
Exploits: 0 | References: 2