205 matches found
PT-2025-40333
Name of the Vulnerable Software and Affected Versions Canonical LXD versions prior to 6.5 Canonical LXD versions prior to 5.21.4 Description An information disclosure issue exists in the image export API of Canonical LXD. A network attacker can determine project existence without authentication b...
Unspecified Vulnerability in Multiple Apple Products (CNVD-2025-22673)
Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple macOS Tahoe is an operating system.... A security vulnerability exists in several Apple products that stems from improper handling of sensitive information and can be exploited...
BIT-NIFI-2020-1942
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was...
Linux Distros Unpatched Vulnerability : CVE-2023-26053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. This is a collision attack on long IDs 64bits for PGP keys...
AuthPrint: Fingerprinting Generative Models against Malicious Model Providers
Generative models are increasingly adopted in high-stakes domains, yet current deployments offer no mechanisms to verify the origin of model outputs. We address this gap by extending model fingerprinting techniques beyond the traditional collaborative setting to one where the model provider may a...
fatt
This is a Python script for extracting network metadata and fingerprints from packet capture files pcap or live network traffic. The script, named "fatt," is designed for monitoring honeypots and other network forensic analysis use cases. It uses the pyshark library, a Python wrapper for tshark,...
AI-generated image watermarks can be easily removed, say researchers
Now that AI can make fake images that look real, how can we know what's legitimate and what isn't? One of the primary ways has been the use of defensive watermarking, which means embedding invisible markers in AI-generated images to show they were made up. Now, researchers have broken that...
iterate Cyberduck和iterate Mountain Duck 安全漏洞
iterate Cyberduck and iterate Mountain Duck are both open source file transfer clients from iterate. A security vulnerability exists in iterate Cyberduck 9.1.6 and earlier and iterate Mountain Duck 4.17.5 and earlier, which stems from the use of SHA-1 to store certificate fingerprints, which coul...
MEraser: an Effective Fingerprint Erasure Approach for Large Language Models
Large Language Models LLMs have become increasingly prevalent across various sectors, raising critical concerns about model ownership and intellectual property protection. Although backdoor-based fingerprinting has emerged as a promising solution for model authentication, effective attacks for...
SpeechVerifier: Robust Acoustic Fingerprint against Tampering Attacks Via Watermarking
With the surge of social media, maliciously tampered public speeches, especially those from influential figures, have seriously affected social stability and public trust. Existing speech tampering detection methods remain insufficient: they either rely on external reference data or fail to be bo...
CVE-2020-1942
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was...
CVE-2019-17668
Samsung Galaxy S10 and Note10 devices allow unlock operations via unregistered fingerprints in certain situations involving a third-party screen protector...
OS Fingerprints Detected
Using a combination of remote probes TCP/IP, SMB, HTTP, NTP, SNMP, etc, it was possible to gather one or more fingerprints from the remote system. While the highest-confidence result was reported in plugin 11936, âOS Identificationâ, the complete set of fingerprints detected are reported here...
A Leak of Biometric Police Data Is a Sign of Things to Come
Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases...
CVE-2023-38301
An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...
CVE-2023-38294
Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...
CVE-2023-38295
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre-installed app that relies on a missing permission that provides no protection at runtime. The missing permission is required as an access permission by components in various pre-installed apps. On the TCL...
CVE-2023-38296
Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...
CVE-2023-38294
Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...
CVE-2023-38295
Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre-installed app that relies on a missing permission that provides no protection at runtime. The missing permission is required as an access permission by components in various pre-installed apps. On the TCL...