A Formal Refutation of the Blockchain Trilemma
The so-called blockchain trilemma asserts the impossibility of simultaneously achieving scalability, security, and decentralisation within a single blockchain protocol. In this paper, we formally refute that proposition. Employing predicate logic, formal automata theory, computational complexity...
Siemens Multiple Products Security Vulnerability
Siemens SIPROTEC 5 6MD84 and others are relay devices from Siemens Germany. A security vulnerability exists in various Siemens products that originates from the inclusion of a session identifier in a URL request, which could result in unauthorized access. The following products are affected:...
ZKPROV: a Zero-Knowledge Approach to Dataset Provenance for Large Language Models
As the deployment of large language models (LLMs) grows in sensitive domains, ensuring the integrity of their computational provenance becomes a critical challenge, particularly in regulated sectors such as healthcare, where strict requirements are applied in dataset usage. We introduce ZKPROV, a...
Exploit for OS Command Injection in Wago Compact_Controller_100_Firmware
CVE-2023-1698 CVE-2023-1698 exploit with golang how t...
Keyed Chaotic Dynamics for Privacy-Preserving Neural Inference
Neural network inference typically operates on raw input data, increasing the risk of exposure during preprocessing and inference. Moreover, neural architectures lack efficient built-in mechanisms for directly authenticating input data. This work introduces a novel encryption method for ensuring...
Compact and Selective Disclosure for Verifiable Credentials
Self-Sovereign Identity (SSI) is a novel identity model that empowers individuals with full control over their data, enabling them to choose what information to disclose, with whom, and when. This paradigm is rapidly gaining traction worldwide, supported by numerous initiatives such as the European...
CVE-2024-29917
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Compact WP Audio Player allows Stored XSS. This issue affects Compact WP Audio Player: from n/a through 1.9.9...
CVE-2024-56279
Server-Side Request Forgery (SSRF) vulnerability in mra13 Compact WP Audio Player compact-wp-audio-player allows Server Side Request Forgery. This issue affects Compact WP Audio Player: from n/a through 1.9.14...
CVE-2023-46509
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component...
CVE-2023-35177
Certain HP LaserJet Pro print products are potentially vulnerable to a stack-based buffer overflow related to the compact font format parser...
CVE-2023-27518
Buffer overflow vulnerability in the multiple setting pages of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute arbitrary code...
CVE-2023-27512
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10, and SV-CPT-MC310F versions prior to Ver.8.10, which may allow a remote authenticated attacker to log in to the affected product with an administrative privilege and perform an unintended operation...
CVE-2023-27521
OS command injection vulnerability in the mail setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows remote authenticated attackers to execute an arbitrary OS command...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00; attackers can execute commands by bypassing internal restrictions through downloader.php...
CVE-2023-27920
Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to alter system date/time of the affected product...
CVE-2023-27514
OS command injection vulnerability in the download page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to execute an arbitrary OS command...
CVE-2022-4542
The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against hig...
CVE-2022-44355
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /networktest.php...
CVE-2022-40881
SolarView Compact 6.00 was discovered to contain a command injection vulnerability via networktest.php...
CVE-2022-44354
SolarView Compact 4.0 and 5.0 are vulnerable to Unrestricted File Upload via a crafted PHP file...