CVE-2025-23354

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensembleclassifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data...

Arbitrary Code Injection

Overview megatron-core is a Megatron Core - a library for efficient and scalable training of transformer based models Affected versions of this package are vulnerable to Arbitrary Code Injection via the ensembleclassifer script. An attacker can execute arbitrary code, escalate privileges, disclos...

CVE-2025-23354

The CVE-2025-23354 issue affects NVIDIA Megatron-LM, specifically the ensemble_classifer script, with a code injection vulnerability that attacker-supplied data can trigger. The vulnerability may enable code execution, privilege escalation, information disclosure, and data tampering. Affected com...

CVE-2025-23354

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensembleclassifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data...

CVE-2025-23354

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensembleclassifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data...

PT-2025-39263

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron-LM affected versions not specified Description The software contains a flaw in the ensemble classifer script that could allow an attacker to inject malicious data. Successful exploitation of this issue may result in code...

NVIDIA Megatron-LM 代码注入漏洞

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM ensembleclassifer script, which can be exploited by attackers to cause code execution,...

A Non-Monotonic Relationship: an Empirical Analysis of Hybrid Quantum Classifiers for Unseen Ransomware Detection

Detecting unseen ransomware is a critical cybersecurity challenge where classical machine learning often fails. While Quantum Machine Learning QML presents a potential alternative, its application is hindered by the dimensionality gap between classical data and quantum hardware. This paper...

Robust DDoS-Attack Classification with 3D CNNs against Adversarial Methods

Distributed Denial-of-Service DDoS attacks remain a serious threat to online infrastructure, often bypassing detection by altering traffic in subtle ways. We present a method using hive-plot sequences of network data and a 3D convolutional neural network 3D CNN to classify DDoS traffic with high...

CVE-2025-9392

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument...

CVE-2025-9392

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument...

CVE-2025-9392 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 qosClassifier stack-based overflow

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument...

CVE-2025-9392

The CVE-2025-9392 entry concerns Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. The vulnerability is in the qosClassifier function of /goform/qosClassifier, where improper manipulation of dir, sFromPort, sToPort, dFromPort, dToPort, protocol, layer7, dscp, and remark_dscp arguments le...

Linksys多款产品 安全漏洞

Linksys RE6250 and others are a wireless extender from Linksys USA. A security vulnerability exists in various Linksys products, which stems from incorrect manipulation of the parameter dir/sFromPort/sToPort/dFromPort/dToPort/protocol/layer7/dscp/remarkdscp in the /goform/qosClassifier file...

RMSL: Weakly-Supervised Insider Threat Detection with Robust Multi-Sphere Learning

Insider threat detection aims to identify malicious user behavior by analyzing logs that record user interactions. Due to the lack of fine-grained behavior-level annotations, detecting specific behavior-level anomalies within user behavior sequences is challenging. Unsupervised methods face high...

Linux Distros Unpatched Vulnerability : CVE-2021-3715

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification...

A Real-Time, Self-Tuning Moderator Framework for Adversarial Prompt Detection

Ensuring LLM alignment is critical to information security as AI models become increasingly widespread and integrated in society. Unfortunately, many defenses against adversarial attacks and jailbreaking on LLMs cannot adapt quickly to new attacks, degrade model responses to benign prompts, or...

Linux Distros Unpatched Vulnerability : CVE-2023-35788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in flsetgeneveopt in net/sched/clsflower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier...

The vulnerability of the qosClassifier() function (/goform/qosClassifier) in D-Link DIR-816 router software allows a attacker to cause a service failure.

The vulnerability of the qosClassifier function /goform/qosClassifier of D-Link DIR-816 router software lies in the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending ...

LLMalMorph: on the Feasibility of Generating Variant Malware Using Large-Language-Models

Large Language Models LLMs have transformed software development and automated code generation. Motivated by these advancements, this paper explores the feasibility of LLMs in modifying malware source code to generate variants. We introduce LLMalMorph, a semi-automated framework that leverages...