Linux Distros Unpatched Vulnerability : CVE-2022-50144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soundwire: revisit driver bind/unbind and callbacks In the SoundWire probe, we store a pointer from the driver ops into the 'slave' structure. This can lead to...

Linux Distros Unpatched Vulnerability : CVE-2021-3326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an...

Leveraging Large Language Models for SQL Behavior-Based Database Intrusion Detection

Database systems are extensively used to store critical data across various domains. However, the frequency of abnormal database access behaviors, such as database intrusion by internal and external attacks, continues to rise. Internal masqueraders often have greater organizational knowledge,...

MambaITD: an Efficient Cross-Modal Mamba Network for Insider Threat Detection

Enterprises are facing increasing risks of insider threats, while existing detection methods are unable to effectively address these challenges due to reasons such as insufficient temporal dynamic feature modeling, computational efficiency and real-time bottlenecks and cross-modal information...

Multi-Stage Knowledge-Distilled VGAE and GAT for Robust Controller-Area-Network Intrusion Detection

The Controller Area Network CAN protocol is a standard for in-vehicle communication but remains susceptible to cyber-attacks due to its lack of built-in security. This paper presents a multi-stage intrusion detection framework leveraging unsupervised anomaly detection and supervised graph learnin...

Log2Sig: Frequency-Aware Insider Threat Detection Via Multivariate Behavioral Signal Decomposition

Insider threat detection presents a significant challenge due to the deceptive nature of malicious behaviors, which often resemble legitimate user operations. However, existing approaches typically model system logs as flat event sequences, thereby failing to capture the inherent frequency dynami...

Directory Traversal

Overview topthink/framework is a The ThinkPHP Framework. Affected versions of this package are vulnerable to Directory Traversal via the routecheck function. An attacker can execute arbitrary code on the system by sending specially crafted requests that exploit improper path validation. Details A...

Directory Traversal

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Directory Traversal via imprope...

Directory Traversal

Overview ipx is a High performance, secure and easy-to-use image optimizer. Affected versions of this package are vulnerable to Directory Traversal via the ipxFSStorage function in the storage/node-fs.ts file, which checks whether a path is within allowed directories. An attacker can access files...

Simulating Cyberattacks through a Breach Attack Simulation (BAS) Platform Empowered by Security Chaos Engineering (SCE)

In today digital landscape, organizations face constantly evolving cyber threats, making it essential to discover slippery attack vectors through novel techniques like Security Chaos Engineering SCE, which allows teams to test defenses and identify vulnerabilities effectively. This paper proposes...

Linux Distros Unpatched Vulnerability : CVE-2019-25013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi- byte input sequences in the EUC-KR encoding, may have a...

SUSE CVE-2025-4981

Mattermost versions 10.5.x = 10.5.5, 9.11.x = 9.11.15, 10.8.x = 10.8.0, 10.7.x = 10.7.2, 10.6.x = 10.6.5 fail to sanitize filenames in the archive extractor which allows authenticated users to write files to arbitrary locations on the filesystem via uploading archives with path traversal sequence...

SUSE CVE-2025-54386

Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik's plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../...

Directory Traversal

Overview vvvebjs is a Drag and drop website builder javascript library Affected versions of this package are vulnerable to Directory Traversal via the File argument in the /save.php endpoint. An attacker can access or modify files outside the intended directory by supplying crafted input to the...

Directory Traversal

Overview pyload-ng is a The free and open-source Download Manager written in pure Python Affected versions of this package are vulnerable to Directory Traversal via the addcrypted endpoint when processing the package parameter. An attacker can achieve arbitrary file write and execute malicious co...

Unpacking Qualys Agentic AI: Technical Insights into Its Architecture and Capabilities

Agentic AI revolutionizes how enterprise organizations leverage artificial intelligence by introducing systems designed to function as autonomous agents capable of planning, decision-making, and executing complex workflows with minimal human oversight. Unlike traditional AI, which often performs...

CVE-2013-10062

A directory traversal vulnerability exists in Linksys router's web interface tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05, specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the nextpage POST parameter to access arbitrary files outside the...

CVE-2013-10063

A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions = 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive...

LLM-Assisted Model-Based Fuzzing of Protocol Implementations

Testing network protocol implementations is critical for ensuring the reliability, security, and interoperability of distributed systems. Faults in protocol behavior can lead to vulnerabilities and system failures, especially in real-time and mission-critical applications. A common approach to...

PRIME: Plasticity-Robust Incremental Model for Encrypted Traffic Classification in Dynamic Network Environments

With the continuous development of network environments and technologies, ensuring cyber security and governance is increasingly challenging. Network traffic classificationETC can analyzes attributes such as application categories and malicious intent, supporting network management services like...