117 matches found
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...
PYSEC-2026-909 pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...
EUVD-2022-49113
Open Babel has out-of-bounds write in MSI translationVectors...
GHSA-JG3H-PV7C-4F9C Open Babel has out-of-bounds write in Gaussian translationVectors[]
Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write into the translationVectors array when reading a crafted input file. Details The Gaussian reader stored periodic-cell translation vectors into a fixed-size translationVectors array. A...
GHSA-VR3P-GG26-45V9 Open Babel has out-of-bounds write in Gaussian coords_type orientation parser
Summary A memory-safety vulnerability in Open Babel's Gaussian output parser allowed an out-of-bounds write when reading a crafted input file. Details The flaw was in the coordstype orientation parser inside the Gaussian output reader. A malformed orientation block caused the parser to write past...
SUSE CVE-2022-46295
Multiple out-of-bounds write vulnerabilities exist in the translationVectors parsing functionality in multiple supported formats of Open Babel 3.1.1 and master commit 530dbfa3. A specially-crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to...
Astra Linux – Vulnerability in ffmpeg
There is a heap-based Buffer Overflow vulnerability in gaussianblur at libavfilter/vfedgedetect.c, which may lead to memory corruption and other potential issues...
Astra Linux – Vulnerability in ffmpeg5
FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow through the ffgaussianblur8 function in libavfilter/edgetemplate.c:116:5 component...
Astra Linux – Vulnerability in ffmpeg
There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in the file libavfilter/vfedgedetect.c within the gaussianblur module. This vulnerability may lead to memory corruption and other potential issues...
Federated Naive Bayes with Real Mixture of Gaussians and Institutional Governance Regularization for Network Intrusion Detection
Federated learning for intrusion detection rests on a flawed premise: that every participating institution contributes equally to the shared model. In practice, a financial institution with mature security controls and low vulnerability exposure produces fundamentally different data than a...
Organizational Security Resource Estimation Via Vulnerability Queueing
We provide an approach that closely estimates an organization's cyber resources directly from vulnerability timestamps, using a non-stationary queueing framework. Traditional attack-surface metrics operate on static snapshots, ignoring the core attack-defense dynamics within information systems,...
Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans
Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...
@hotosm/id (>=2.18.1 <=2.34.0), @janefeel/id (>=2.35.0-dev <=2.35.23) +6 more potentially affected by CVE-2026-27210 via pannellum (=2.5.6)
pannellum NPM version =2.5.6 is affected by a known vulnerability. The following packages have a transitive dependency on pannellum and may be impacted: - @hotosm/id =2.18.1, =2.35.0-dev, =2.35.25, =2.18.5, =2.1.0, =2.33.0, =2.33.3 Source cves: CVE-2026-27210 Source advisory:...
Reference-Free EM Validation Flow for Detecting Triggered Hardware Trojans
Hardware Trojans HTs threaten the trust and reliability of integrated circuits ICs, particularly when triggered HTs remain dormant during standard testing and activate only under rare conditions. Existing electromagnetic EM side-channel-based detection techniques often rely on golden references o...
Reference-Free Spectral Analysis of EM Side-Channels for Always-On Hardware Trojan Detection
Always-on hardware Trojans HTs pose a critical risk to trusted microelectronics, yet most side-channel detection methods rely on unavailable golden references. We present a reference-free approach that combines time-frequency EM analysis with Gaussian Mixture Models GMMs. By applying Short-Time...
SecureDyn-FL: A Robust Privacy-Preserving Federated Learning Framework for Intrusion Detection in IoT Networks
The rapid proliferation of Internet of Things IoT devices across domains such as smart homes, industrial control systems, and healthcare networks has significantly expanded the attack surface for cyber threats, including botnet-driven distributed denial-of-service DDoS, malware injection, and dat...
MAD-OOD: A Deep Learning Cluster-Driven Framework for an Out-Of-Distribution Malware Detection and Classification
Out of distribution OOD detection remains a critical challenge in malware classification due to the substantial intra family variability introduced by polymorphic and metamorphic malware variants. Most existing deep learning based malware detectors rely on closed world assumptions and fail to...
Random Coding for Long-Range Continuous-Variable QKD
Quantum Key Distribution QKD schemes are key exchange protocols based on the physical properties of quantum channels. They avoid the computational-hardness assumptions that underlie the security of classical key exchange. Continuous-Variable QKD CVQKD, in contrast to qubit-based discrete-variable...
An Introductory Review of the Theory of Continuous-Variable Quantum Key Distribution: Fundamentals, Protocols, and Security
Continuous-variable quantum key distribution CV-QKD has emerged as a promising approach for secure quantum communication, offering advantages such as high key generation rates, compatibility with standard telecommunication infrastructure, and potential for integration on photonic chips. This revi...
JLSEC-2025-131 FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function ...
FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ffgaussianblur8 function in libavfilter/edgetemplate.c:116:5 component...