Measuring the Carbon Footprint of Cryptographic Privacy-Enhancing Technologies

Privacy-enhancing technologies PETs have attracted significant attention in response to privacy regulations, driving the development of applications that prioritize user data protection. At the same time, the information and communication technology ICT sector faces growing pressure to reduce its...

📄 Easy Hosting Control Panel 20.04.1.b Cross Site Scripting

Easy Hosting Control Panel version 20.04.1.b suffers from a cross site scripting vulnerability in the ftpusername parameter. This enables the attacker to inject malicious JavaScript payloads, leading to session hijacking, redirection to malicious sites, defacement, or other actions performed in t...

Open Source & Fully Managed: Aiven-Powered Databases on Akamai

...

Why AI Systems Use Vector Databases to Improve Performance and Reduce Costs

...

PT-2025-30912 · Xwiki · Xwiki

Name of the Vulnerable Software and Affected Versions: xWiki versions prior to 16.10.6 xWiki versions prior to 17.3.0-rc-1 Description: The application allows execution of arbitrary SQL queries in Oracle databases using functions like DBMS XMLGEN or DBMS XMLQUERY. The XWikisearchDocuments API doe...

Balancing Privacy and Utility in Correlated Data: a Study of Bayesian Differential Privacy

Privacy risks in differentially private DP systems increase significantly when data is correlated, as standard DP metrics often underestimate the resulting privacy leakage, leaving sensitive information vulnerable. Given the ubiquity of dependencies in real-world databases, this oversight poses a...

CVE-2024-56158

XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMSXMLGEN or DBMSXMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. Thi...

Hermes: High-Performance Homomorphically Encrypted Vector Databases

Whitepaper called Hermes: High-Performance Homomorphically Encrypted Vector Databases...

PhonePe 安全漏洞

PhonePe is a digital wallet and online payment application from PhonePe India. A security vulnerability exists in PhonePe version 25.03.21.0, which stems from a plaintext storage issue in the file /data/data/com.phonepe.app/databases/...

CVE-2023-24773

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list...

CVE-2023-24780

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/columns...

CVE-2023-24777

Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/table/list...

CVE-2022-46337

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was...

Repository Vector Search Methods

The emergence of Large Language Models LLM has propelled Generative AI and surfaced one of its key components to a broad audience: Embeddings. Embeddings are a vector representation of data in a high-dimensional space capturing their semantic meaning. Vector representations allow for more efficie...

CVE-2005-3641

Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username...

Fine-Tuning Your Managed Databases: Optimize Performance with Advanced Parameters

Managed database services DBaaS provide a powerful and scalable approach to deploying and managing databases without the overhead of manual maintenance...

Cryptanalysis of a Lattice-Based PIR Scheme for Arbitrary Database Sizes

Private Information Retrieval PIR schemes enable users to securely retrieve files from a server without disclosing the content of their queries, thereby preserving their privacy. In 2008, Melchor and Gaborit proposed a PIR scheme that achieves a balance between communication overhead and...

PT-2025-19799 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 11.5.0 through 11.5.9 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 12.1.0 through 12.1.1 Description: The issue allows an authenticated user ...

Encrypted Federated Search Using Homomorphic Encryption

The sharing of information between agencies is effective in dealing with cross-jurisdictional criminal activities; however, such sharing is often restricted due to concerns about data privacy, ownership, and compliance. Towards this end, this work has introduced a privacy-preserving federated...

HoneyBee: Efficient Role-Based Access Control for Vector Databases Via Dynamic Partitioning

As vector databases gain traction in enterprise applications, robust access control has become critical to safeguard sensitive data. Access control in these systems is often implemented through hybrid vector queries, which combine nearest neighbor search on vector data with relational predicates...