3164 matches found
Log2Sig: Frequency-Aware Insider Threat Detection Via Multivariate Behavioral Signal Decomposition
Insider threat detection presents a significant challenge due to the deceptive nature of malicious behaviors, which often resemble legitimate user operations. However, existing approaches typically model system logs as flat event sequences, thereby failing to capture the inherent frequency dynami...
"Energon": Unveiling Transformers from GPU Power and Thermal Side-Channels
Transformers have become the backbone of many Machine Learning ML applications, including language translation, summarization, and computer vision. As these models are increasingly deployed in shared Graphics Processing Unit GPU environments via Machine Learning as a Service MLaaS, concerns aroun...
RLSA-2025:9119 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double-free in libvpx encoder CVE-2025-5283 For more details about the security issues, including the impac...
kernel: drm/amd/display: Implement bounds check for stream encoder creation in DCN301
A vulnerability was found in the DRM/AMD/Display module of the Linux Kernel. An out-of-bounds access exists in the 'streamencregs' array within DCN301, while accessing the array with 'engid,’ could lead to an out-of-bounds access beyond its four-element size, which can cause a system crash...
HyDRA: a Hybrid Dual-Mode Network for Closed- and Open-Set RFFI with Optimized VMD
Device recognition is vital for security in wireless communication systems, particularly for applications like access control. Radio Frequency Fingerprint Identification RFFI offers a non-cryptographic solution by exploiting hardware-induced signal distortions. This paper proposes HyDRA, a Hybrid...
CVE-2025-1709 CVE-2025-1709
Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
DEBIAN-CVE-2025-5878
A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...
UBUNTU-CVE-2025-5878
A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...
ARMOR: Robust Reinforcement Learning-Based Control for UAVs under Physical Attacks
Unmanned Aerial Vehicles UAVs depend on onboard sensors for perception, navigation, and control. However, these sensors are susceptible to physical attacks, such as GPS spoofing, that can corrupt state estimates and lead to unsafe behavior. While reinforcement learning RL offers adaptive control...
WebGuard++: Interpretable Malicious URL Detection Via Bidirectional Fusion of HTML Subgraphs and Multi-Scale Convolutional BERT
URL+HTML feature fusion shows promise for robust malicious URL detection, since attacker artifacts persist in DOM structures. However, prior work suffers from four critical shortcomings: 1 incomplete URL modeling, failing to jointly capture lexical patterns and semantic context; 2 HTML graph...
libvpx: Double-free in libvpx encoder
A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...
Shrinking the Generation-Verification Gap with Weak Verifiers
Verifiers can improve language model capabilities by scoring and ranking responses from generated candidates. Currently, high-quality verifiers are either unscalable e.g., humans or limited in utility e.g., tools like Lean. While LM judges and reward models have become broadly useful as...
CVE-2025-38044
In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecaps. Add this, otherwise the video device can't be registered you get a WARNON instead. Not seen before since currently 417 support is...
CVE-2022-50079
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 Why & How engid for DCN303 cannot be more than 1, since we have only two instances of stream encoders. Check the correct boundary condition for engine ...