23121 matches found
gimp: Multiple use after free in XCF parser
A flaw was found in GIMP when processing XCF image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing use-after-free issues...
gimp: Multiple heap buffer overflows in TGA parser
A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow...
Robust Anomaly Detection in Network Traffic: Evaluating Machine Learning Models on CICIDS2017
Identifying suitable machine learning paradigms for intrusion detection remains critical for building effective and generalizable security solutions. In this study, we present a controlled comparison of four representative models - Multi-Layer Perceptron (MLP), 1D Convolutional Neural Network (CNN),...
Important: libarchive
Issue Overview: A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory...
Multi-Domain Anomaly Detection in a 5G Network
With the advent of 5G, mobile networks are becoming more dynamic and will therefore present a wider attack surface. To secure these new systems, we propose a multi-domain anomaly detection method that is distinguished by the study of traffic correlation on three dimensions: temporal by analyzing...
Differentially Private Bilevel Optimization: Efficient Algorithms with Near-Optimal Rates
Whitepaper called Differentially Private Bilevel Optimization: Efficient Algorithms With Near-Optimal Rates...
The Amazon Nova Family of Models: Technical Report and Model Card
We present Amazon Nova, a new generation of state-of-the-art foundation models that deliver frontier intelligence and industry-leading price performance. Amazon Nova Pro is a highly-capable multimodal model with the best combination of accuracy, speed, and cost for a wide range of tasks. Amazon...
Advanced Prediction of Hypersonic Missile Trajectories with CNN-LSTM-GRU Architectures
Advancements in the defense industry are paramount for ensuring the safety and security of nations, providing robust protection against emerging threats. Among these threats, hypersonic missiles pose a significant challenge due to their extreme speeds and maneuverability, making accurate trajecto...
From Promise to Peril: Rethinking Cybersecurity Red and Blue Teaming in the Age of LLMs
Large Language Models (LLMs) are set to reshape cybersecurity by augmenting red and blue team operations. Red teams can exploit LLMs to plan attacks, craft phishing content, simulate adversaries, and generate exploit code. Conversely, blue teams may deploy them for threat intelligence synthesis, ro...
SUSE CVE-2025-6269
A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...
SUSE CVE-2025-6270
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...
OESA-2025-1656 libarchive security update
libarchive is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use libarchive. Security...
VulnCheck KEV: CVE-2025-34021
A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750, and Targa 704 ILB. The application fails to validate user-supplied input in JSON...
FortiOS SSL-VPN 7.4.4 Insufficient Session Expiration / Cookie Reuse
An insufficient session expiration vulnerability in FortiOS SSL-VPN allows an attacker to reuse stale session cookies after logout, potentially leading to unauthorized access. The SVPNTMPCOOKIE remains valid even after the primary SVPNCOOKIE is invalidated during logout. Versions affected include...
The vulnerability of Microsoft Office Word and 365 Apps for Enterprise applications relates to buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office Word and 365 Apps for Enterprise lies in the overflowing of buffers in the dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created RTF file...
SUSE CVE-2025-20234
A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...
Security update for perl
This update for perl fixes the following issues: CVE-2025-40909: Do not change the current directory when cloning an open directory handle (bsc#1244079). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch"...
HDF5 Security Vulnerability
HDF5 is an open source library from HDF. HDF5 has a buffer overflow vulnerability, which stems from the function H5FS__sect_find_node in the file H5FSsection.c failing to correctly validate the length of the input data. An attacker can exploit the vulnerability to cause a denial of...
CVE-2025-20234
A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...
DEBIAN-CVE-2025-20234
A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability...