2348 matches found
CVE-2019-19968
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content...
CVE-2016-2139
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php...
CVE-2016-2138
In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in xss_clean in class/KippoInput.class.php...
Privacy-Aware Cyberterrorism Network Analysis Using Graph Neural Networks and Federated Learning
Cyberterrorism poses a formidable threat to digital infrastructures, with increasing reliance on encrypted, decentralized platforms that obscure threat actor activity. To address the challenge of analyzing such adversarial networks while preserving the privacy of distributed intelligence data, we...
VIVID: a Novel Approach to Remediation Prioritization in Static Application Security Testing (SAST)
Static Application Security Testing (SAST) enables organizations to detect vulnerabilities in code early; however, major SAST platforms do not include visual aids and present little insight on correlations between tainted data chains. We propose VIVID - Vulnerability Information Via Data flow - a...
SUSE CVE-2025-37934
In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction. Actually check if the passed pointers are valid, before writing to them. This also fixes a UBSAN warning: UBSAN: invalid-load in...
LAGO: Few-Shot Crosslingual Embedding Inversion Attacks Via Language Similarity-Aware Graph Optimization
We propose LAGO - Language Similarity-Aware Graph Optimization - a novel approach for few-shot cross-lingual embedding inversion attacks, addressing critical privacy vulnerabilities in multilingual NLP systems. Unlike prior work in embedding inversion attacks that treat languages independently,...
EC-LDA : Label Distribution Inference Attack against Federated Graph Learning with Embedding Compression
Graph Neural Networks (GNNs) have been widely used for graph analysis. Federated Graph Learning (FGL) is an emerging learning framework to collaboratively train graph data from various clients. However, since clients are required to upload model parameters to the server in each round, this provides t...
DEBIAN-CVE-2025-37940
In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched to ftrace_graph_set_hash. When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash may take a lot of time to execute. This may trigger the softlockup watchdog. Ad...
DEBIAN-CVE-2025-37934
In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction. Actually check if the passed pointers are valid, before writing to them. This also fixes a UBSAN warning: UBSAN: invalid-load in...
UBUNTU-CVE-2025-37934
In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction. Actually check if the passed pointers are valid, before writing to them. This also fixes a UBSAN warning: UBSAN: invalid-load in...
UBUNTU-CVE-2025-37940
In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched to ftrace_graph_set_hash. When the kernel contains a large number of functions that can be traced, the loop in ftrace_graph_set_hash may take a lot of time to execute. This may trigger the softlockup watchdog. Ad...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a missing cond_resched in ftrace_graph_set_hash...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from insufficient checking of the graph_util_parse_link_direction pointer in simple-card-utils...
@jamietanna/patch-testing (>=0.1.0 <=0.2.28), @jamietanna/renovate-graph (>=0.24.0 <=0.30.0) +5 more potentially affected by CVE-2025-47934 via openpgp (>=6.0.0 <=6.1.0)
openpgp NPM version =6.0.0, =0.1.0, =0.24.0, =0.5.2, =7.2.5, =0.40.0, =2.0.0, =39.15.1, =41.0.0-next.22 Source cves: CVE-2025-47934 Source advisory: OSV:GHSA-8QFF-QR5Q-5PR8...
VulCPE: Context-Aware Cybersecurity Vulnerability Retrieval and Management
The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases like the National Vulnerability Database (NVD). Inaccurate...
@adpt/testutils (>=0.1.0-next.1 <=0.4.0-next.6), @lavamoat/git-safe-dependencies (>=0.1.1 <=0.2.1) +6 more potentially affected by CVE-2025-4759 via lockfile-lint-api (>=1.0.7 <=5.9.1)
lockfile-lint-api NPM version =1.0.7, =0.1.0-next.1, =0.1.1, =1.0.0, =4.3.1-test1, =1.3.0, =1.0.1, =4.2.2, =4.3.1, =4.7.0 Source cves: CVE-2025-4759 Source advisory: OSV:GHSA-7CFR-5CJF-32P4...
Co-Evolutionary Defence of Active Directory Attack Graphs Via GNN-Approximated Dynamic Programming
Modern enterprise networks increasingly rely on Active Directory (AD) for identity and access management. However, this centralization exposes a single point of failure, allowing adversaries to compromise high-value assets. Existing AD defense approaches often assume static attacker behavior, but...
kernel: coresight: Fix memory leak in acpi_buffer->pointer
In the Linux kernel, the following vulnerability has been resolved: coresight: Fix memory leak in acpi_buffer->pointer. There are memory leaks reported by kmemleak: ... unreferenced object 0xffff00213c141000 size 1024: comm "systemd-udevd", pid 2123, jiffies 4294909467 age 6062.160s hex dump first 3...
kernel: arm64: set __exception_irq_entry with __irq_entry as a default
A stack trace handling issue was found in ARM64 kernels. Without CONFIG_FUNCTION_GRAPH_TRACER, the IRQ entry function is not properly marked, causing filter_irq_stacks to fail and potentially causing stack depot overflow warnings under KASAN...