50 matches found
Rust and Go Directed Fuzzing with LibAFL-DiFuzz
In modern SSDLC, program analysis and automated testing are essential for minimizing vulnerabilities before software release, with fuzzing being a fast and widely used dynamic testing method. However, traditional coverage-guided fuzzing may be less effective in specific tasks like verifying stati...
CVE-2025-67630
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
EUVD-2025-205277
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
CVE-2025-67630
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
CVE-2025-67630 WordPress WH Tweaks plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
CVE-2025-67630
Technical details for CVE-2025-67630 are not provided in the connected documents. The initial entry notes a stored XSS in WH Tweaks
CVE-2025-67630 WordPress WH Tweaks plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
PT-2025-53246
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webheadcoder WH Tweaks wh-tweaks allows Stored XSS.This issue affects WH Tweaks: from n/a through = 1.0.2...
WordPress plugin WH Tweaks 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
WordPress WH Tweaks plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin WH Tweaks versions = 1.0.2...
Adaptive Detection of Polymorphic Malware: Leveraging Mutation Engines and YARA Rules for Enhanced Security
Polymorphic malware continually alters its structure to evade signature-based defences, challenging both commercial antivirus AV and enterprise detection systems. This study introduces a reproducible framework for analysing eight polymorphic behaviours-junk code insertion, control-flow obfuscatio...
Malicious code in anidata-haulid-mubdafl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b97bca75603afad159abef1d4af487178d01d628a7187d888016e83d78cf7bc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dotenv-safe-izar-gatsby-dotenv-parse-variables (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe616df749940f75685ab4e34b7cab78f5ad935cee6c5c5cc11d3fcfc1d3820 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-112311 Malicious code in skilled_gerbil_tomato-11 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 988a266e2eec9fb17bd8935a811a6184b6eff79504309273ca77095f4fbd04db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in theoretical_urial_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dcb6966c505abccd7297a3703b4cf88b4bee1c3c1966a08280e16241d7b48e51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eko-kripik32-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20ef44eb524e2f33da9311071b2ad20c71425176ed20ea5508d81f2f6f734f95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2015-1123
Malware in sbrugna...
CVE-2015-10113
A vulnerability classified as problematic was found in WooFramework Tweaks Plugin up to 1.0.1 on WordPress. Affected by this vulnerability is the function adminscreenlogic of the file wooframework-tweaks.php. The manipulation of the argument url leads to open redirect. The attack can be launched...
Security update for python-wxPython
This update for python-wxPython fixes the following issues: Security issue fixed: CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590. Non-security issues fixed: rebuilt for python 3.11 bsc1228252. add repack script, do not include packaging/ d...
CVE-2015-10113
A vulnerability classified as problematic was found in WooFramework Tweaks Plugin up to 1.0.1 on WordPress. Affected by this vulnerability is the function adminscreenlogic of the file wooframework-tweaks.php. The manipulation of the argument url leads to open redirect. The attack can be launched...