3642 matches found
A vulnerability in the gf_filter_pid_inst_swap_delete_task function in the MP4Box utility of the GPAC multimedia platform allows an intruder to cause a service failure.
The vulnerability of the gf_filter_pid_inst_swap_delete_task function in the MP4Box utility of the GPAC multimedia platform is related to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE-SU-2025:02303-1 Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: - CVE-2025-47183: Fixed out-of-bounds read when parsing mvhd box (bsc#1244406)...
PT-2026-45415
Name of the Vulnerable Software and Affected Versions: GPAC Project/MP4Box versions prior to 26.02.0. Description: A NULL pointer dereference exists in the gf odf ac4 cfg dsi v1 function within the /odf/descriptors.c file. This issue allows an attacker to cause a Denial of Service (DoS), which is a...
PLA: Prompt Learning Attack against Text-To-Image Generative Models
Text-to-Image (T2I) models have gained widespread adoption across various applications. Despite the success, the potential misuse of T2I models poses significant risks of generating Not-Safe-For-Work (NSFW) content. To investigate the vulnerability of T2I models, this paper delves into adversarial...
Mitigating Watermark Stealing Attacks in Generative Models Via Multi-Key Watermarking
Watermarking offers a promising solution for GenAI providers to establish the provenance of their generated content. A watermark is a hidden signal embedded in the generated content, whose presence can later be verified using a secret watermarking key. A threat to GenAI providers are waterma...
A vulnerability in the avidmx_process() function (filters/dmx_avi.c) in the MP4Box utility of the GPAC multimedia platform allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the avidmx_process() function (filters/dmx_avi.c) in the MP4Box utility of the GPAC multimedia platform is related to the lack of checks for division by zero when processing the numframes parameter for AVI files. Exploiting this vulnerability could allow an attacker to execute...
When There Is No Decoder: Removing Watermarks from Stable Diffusion Models in a No-Box Setting
Watermarking has emerged as a promising solution to counter harmful or deceptive AI-generated content by embedding hidden identifiers that trace content origins. However, the robustness of current watermarking techniques is still largely unexplored, raising critical questions about their...
Hostel Management System empty_rooms.php File SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchbox parameter of the file /empty_rooms.php. An attacker can use this vulnerability to...
Hostel Management System allocated_rooms.php File SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchbox parameter of the file /allocated_rooms.php. An attacker can use this vulnerabilit...
On the Feasibility of Poisoning Text-To-Image AI Models Via Adversarial Mislabeling
Today's text-to-image generative models are trained on millions of images sourced from the Internet, each paired with a detailed caption produced by Vision-Language Models (VLMs). This part of the training pipeline is critical for supplying the models with large volumes of high-quality image-captio...
Boosting Generative Adversarial Transferability with Self-Supervised Vision Transformer Features
The ability of deep neural networks (DNNs) comes from extracting and interpreting features from the data provided. By exploiting intermediate features in DNNs instead of relying on hard labels, we craft adversarial perturbations that generalize more effectively, boosting black-box transferability...
Vulnerability Disclosure through Adaptive Black-Box Adversarial Attacks on NIDS
Adversarial attacks, wherein slight inputs are carefully crafted to mislead intelligent models, have attracted increasing attention. However, a critical gap persists between theoretical advancements and practical application, particularly in structured data like network traffic, where...
Assessing Risk of Stealing Proprietary Models for Medical Imaging Tasks
The success of deep learning in medical imaging applications has led several companies to deploy proprietary models in diagnostic workflows, offering monetized services. Even though model weights are hidden to protect the intellectual property of the service provider, these models are exposed to...
Hostel Management System allocate_room.php File SQL Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchbox parameter of the file /allocate_room.php. An attacker can exploit this...
Alphabet Index Mapping: Jailbreaking LLMs through Semantic Dissimilarity
Large Language Models (LLMs) have demonstrated remarkable capabilities, yet their susceptibility to adversarial attacks, particularly jailbreaking, poses significant safety and ethical concerns. While numerous jailbreak methods exist, many suffer from computational expense, high token usage, or...
Pushing the Limits of Safety: a Technical Report on the ATLAS Challenge 2025
Multimodal Large Language Models (MLLMs) have enabled transformative advancements across diverse applications but remain susceptible to safety threats, especially jailbreak attacks that induce harmful outputs. To systematically evaluate and improve their safety, we organized the Adversarial Testing...
QGuard: Question-Based Zero-Shot Guard for Multi-Modal LLM Safety
The recent advancements in Large Language Models (LLMs) have had a significant impact on a wide range of fields, from general domains to specialized areas. However, these advancements have also significantly increased the potential for malicious users to exploit harmful and jailbreak prompts for...
Enhancing One-run Privacy Auditing with Quantile Regression-Based Membership Inference
Differential privacy (DP) auditing aims to provide empirical lower bounds on the privacy guarantees of DP mechanisms like DP-SGD. While some existing techniques require many training runs that are prohibitively costly, recent work introduces one-run auditing approaches that effectively audit DP-SGD...
AIRTBench: Measuring Autonomous AI Red Teaming Capabilities in Language Models
We introduce AIRTBench, an AI red teaming benchmark for evaluating language models' ability to autonomously discover and exploit Artificial Intelligence and Machine Learning (AI/ML) security vulnerabilities. The benchmark consists of 70 realistic black-box capture-the-flag (CTF) challenges from the...
Code-Projects Hostel Management System Injection Vulnerability
Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the searchbox parameter of the file /allocated_rooms.php. An attacker can use this vulnerabilit...