21017 matches found
CVE-2025-6175 CRLF Injection in DECE Software's Geodi
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi allows HTTP Request Splitting. This issue affects Geodi: before GEODI Setup 9.0.146...
CVE-2025-6175
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi allows HTTP Request Splitting. This issue affects Geodi: before GEODI Setup 9.0.146...
CVE-2025-6175
CVE-2025-6175 describes an Improper Neutralization of CRLF Sequences (CRLF Injection) in DECE Software Geodi that allows HTTP Request Splitting. Affected product: DECE Software Geodi (before GEODI Setup 9.0.146). Root cause documented as improper CRLF handling, enabling split requests. Impact not...
Privacy-Preserving Anonymization of System and Network Event Logs Using Salt-Based Hashing and Temporal Noise
System and network event logs are essential for security analytics, threat detection, and operational monitoring. However, these logs often contain Personally Identifiable Information (PII), raising significant privacy concerns when shared or analyzed. A key challenge in log anonymization is...
PT-2025-31198 · Dece · Geodi
Name of the Vulnerable Software and Affected Versions: DECE Software Geodi versions prior to 9.0.146 Description: The software contains an Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability, which allows for HTTP Request Splitting. Recommendations: Update to GEODI Setup...
GUARD-CAN: Graph-Understanding and Recurrent Architecture for CAN Anomaly Detection
Modern in-vehicle networks face various cyber threats due to the lack of encryption and authentication in the Controller Area Network (CAN). To address this security issue, this paper presents GUARD-CAN, an anomaly detection framework that combines graph-based representation learning with time-seri...
Security update for pdns-recursor (important)
openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2025:0250-1 Rating: important References: 1231292 Cross-References: CVE-2024-25590 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...
Security update for pdns-recursor (important)
openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2025:0251-1 Rating: important References: 1231292 Cross-References: CVE-2024-25590 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...
Relative Path Traversal
Overview assemblyline-service-client is an Assemblyline 4 - Service client Affected versions of this package are vulnerable to Relative Path Traversal via the downloadfile function in the taskhandler.py. An attacker can overwrite arbitrary files, corrupt system files, or potentially execute code ...
OESA-2025-1886 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: An issue ...
OESA-2025-1885 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: An issue ...
OESA-2025-1884 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: An issue ...
OESA-2025-1883 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: In tar in...
OESA-2025-1882 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: In tar in...
OESA-2025-1881 busybox security update
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: In tar in...
Subliminal Learning in AIs
Today's freaky LLM behavior: We study subliminal learning, a surprising phenomenon where language models learn traits from model-generated data that is semantically unrelated to those traits. For example, a "student" model learns to prefer owls when trained on sequences of numbers generated by a...
NewStart CGSL MAIN 7.02 : util-linux Vulnerability (NS-SA-2025-0198)
The remote NewStart CGSL host, running version MAIN 7.02, has util-linux packages installed that are affected by a vulnerability: - wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically...
Alibaba Cloud Linux 3 : 0122: git (ALINUX3-SA-2025:0122)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0122 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-50349: Git is a fast, scalable,...
CVE-2025-51481
Local File Inclusion in dagster.grpc.impl.getnotebookdata in Dagster 1.10.14 allows attackers with access to the gRPC server to read arbitrary files by supplying path traversal sequences in the notebookpath field of ExternalNotebookData requests, bypassing the intended extension-based check...