Lucene search
K

12994 matches found

Packet Storm
Packet Storm
added 2026/04/09 12:0 a.m.126 views

📄 Microsoft Malware Protection Engine Type Confusion

Microsoft Malware Protection Engine type confusion vulnerability proof of concept exploit for an older vulnerability from 2017. ================================================================================================================================== | Title : Microsoft Malware Protection...

9.3CVSS7.2AI score0.77207EPSS
Exploits5
Fedora
Fedora
added 2026/03/27 1:18 a.m.7 views

[SECURITY] Fedora 43 Update: rust-wycheproof-0.6.0-1.fc43

Wycheproof test vectors...

9.8CVSS5.8AI score0.00704EPSS
Exploits0
CVE
CVE
added 2026/03/25 10:26 a.m.17 views

CVE-2026-23282

CVE-2026-23282 affects the Linux kernel SMB client (smb2_unlink). The root cause is uninitialised iov structures when SMB2_open_init() or SMB2_close_init() fails (e.g., on reconnect), which can cause oopses when SMB2_open_free(), SMB2_close_free(), or smb2_set_related() are invoked. The fix initi...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/25 10:26 a.m.11 views

CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialise...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/03/19 10:7 p.m.14 views

CVE-2026-32026

The CVE-2026-32026 issue affects OpenClaw before version 2026.2.24, where improper path validation in sandbox media handling permits access to absolute paths under the host temporary directory outside the active sandbox root. Exploitation via malicious media references in attachment delivery can ...

8.6CVSS5.9AI score0.00344EPSS
Exploits0References5Affected Software1
Talos Blog
Talos Blog
added 2026/03/19 6:0 p.m.5 views

You have to invite them in

Welcome to this week's edition of the Threat Source newsletter. I found myself watching the Oscars ceremony in its entirety for the first time in a few years. I'm in the U.K., so I watched it the following day. With next week's Year in Review launch looming and several pieces of content still to...

6.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/03/17 12:0 a.m.40 views

Poisoning the Pixels: Revisiting Backdoor Attacks on Semantic Segmentation

Semantic segmentation models are widely deployed in safety-critical applications such as autonomous driving, yet their vulnerability to backdoor attacks remains largely underexplored. Prior segmentation backdoor studies transfer threat settings from existing image classification tasks, focusing...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/06 7:51 a.m.8 views

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.52 views

Improved Leakage Abuse Attacks in Searchable Symmetric Encryption with EBPF Monitoring

Searchable Symmetric Encryption SSE allows users to search over encrypted data stored on untrusted servers, like cloud providers. While SSE hides the content of queries and documents, it still leaks patterns, such as how often a query is made. These leakages have been shown to enable leakage abus...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/05 3:15 a.m.25 views

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

9.1CVSS0.00409EPSS
Exploits0References3
OSV
OSV
added 2026/03/05 3:15 a.m.7 views

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References3
CVE
CVE
added 2026/03/05 2:18 a.m.12 views

CVE-2024-57854

Summary: CVE-2024-57854 affects Net::NSCA::Client for Perl up to version 0.009002, where a cryptographic weakness arises from using a non-cryptographically secure random number generator. The affected code shifted from Crypt::Random to Data::Rand::Obscure (which relies on Perl’s rand()), enabling...

9.1CVSS5.9AI score0.00409EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/05 2:18 a.m.31 views

CVE-2024-57854 Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

0.00409EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 2:18 a.m.9 views

CVE-2024-57854

Net::NSCA::Client versions through 0.009002 for Perl uses a poor random number generator. Version v0.003 switched to use Data::Rand::Obscure instead of Crypt::Random for generation of a random initialisation vectors. Data::Rand::Obscure uses Perl's built-in rand function, which is not suitable fo...

5.9AI score0.00409EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.8 views

PT-2026-23618

Name of the Vulnerable Software and Affected Versions Plane versions prior to 1.2.3 Description The webhook URL validation in plane/app/serializers/webhook.py only checks if the IP address is loopback, allowing attackers with workspace ADMIN role to create webhooks pointing to private or internal...

8.5CVSS5.8AI score0.00284EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.9 views

PT-2026-23125

Name of the Vulnerable Software and Affected Versions Net::NSCA::Client versions through 0.009002 Description Net::NSCA::Client for Perl utilizes an inadequate random number generator. Version 0.003 transitioned to using Data::Rand::Obscure instead of Crypt::Random for generating initialization...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References9
NVD
NVD
added 2026/02/25 3:16 a.m.11 views

CVE-2026-27626

OliveTin gives access to predefined shell commands from a web interface. In versions up to and including 3000.10.0, OliveTin's shell mode safety check checkShellArgumentSafety blocks several dangerous argument types but not password. A user supplying a password-typed argument can inject shell...

9.9CVSS0.00448EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2026/02/16 12:25 a.m.6 views

SUSE CVE-2026-23174

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

5.2AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/14 4:27 p.m.6 views

EUVD-2026-5865

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

5.2AI score0.00155EPSS
Exploits0References2
Rows per page
Query Builder