Lucene search

2348 matches found

OSV
added 2025/12/30 1:16 p.m., 0 views

UBUNTU-CVE-2023-54322

In the Linux kernel, the following vulnerability has been resolved: arm64: set __exception_irq_entry with __irq_entry as a default. filter_irq_stacks is supposed to cut entries which are related irq entries from its call stack. And in_irqentry_text which is called by filter_irq_stacks uses __irqentry_text_start/en...

5.7 AI score, 0.00171 EPSS
Exploits: 0, References: 7

CVE
added 2025/12/30 12:34 p.m., 13 views

CVE-2023-54322

CVE-2023-54322 (Linux kernel, arm64): The vulnerability arises in stack trace filtering where filter_irq_stacks() is supposed to drop irq-entry related frames, but on arm64 the irq entry point (gic_handle_irq) is not present when CONFIG_FUNCTION_GRAPH_TRACER is not enabled. This can cause uninte...

6 AI score, 0.00171 EPSS
Exploits: 0, References: 5

Positive Technologies
added 2025/12/30 12:0 a.m., 2 views

PT-2025-54012

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the v4l2-core subsystem, specifically within the v4l2_fwnode_parse_link function. A resource leak can occur if fwnode_graph_get_remote_endpoint fails,...

6.4 AI score, 0.00184 EPSS
Exploits: 0

Packet Storm News
added 2025/12/29 12:0 a.m., 6 views

Toward Trustworthy Agentic AI: A Multimodal Framework for Preventing Prompt Injection Attacks

Powerful autonomous systems, which reason, plan, and converse using and between numerous tools and agents, are made possible by Large Language Models (LLMs), Vision-Language Models (VLMs), and new agentic AI systems, like LangChain and GraphChain. Nevertheless, this agentic environment increases the...

7.5 AI score
Exploits: 0

Packet Storm News
added 2025/12/28 12:0 a.m., 3 views

Multi-Agent Framework for Threat Mitigation and Resilience in AI-Based Systems

Machine learning (ML) underpins foundation models in finance, healthcare, and critical infrastructure, making them targets for data poisoning, model extraction, prompt injection, automated jailbreaking, and preference-guided black-box attacks that exploit model comparisons. Larger models can be mor...

6.9 AI score
Exploits: 0

Packet Storm News
added 2025/12/27 12:0 a.m., 3 views

Toward Real-World IoT Security: Concept Drift-Resilient IoT Botnet Detection Via Latent Space Representation Learning and Alignment

Although AI-based models have achieved high accuracy in IoT threat detection, their deployment in enterprise environments is constrained by reliance on stationary datasets that fail to reflect the dynamic nature of real-world IoT NetFlow traffic, which is frequently affected by concept drift...

6.8 AI score
Exploits: 0

EUVD
added 2025/12/26 6:30 p.m., 6 views

EUVD-2005-4893

Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graphview.php script. An authenticated user can inject arbitrary shell commands via the graphstart GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute...

8.8 CVSS, 6.7 AI score, 0.01781 EPSS
Exploits: 1, References: 7

Packet Storm News
added 2025/12/23 12:0 a.m., 2 views

Better Call Graphs: A New Dataset of Function Call Graphs for Malware Classification

Function call graphs (FCGs) have emerged as a powerful abstraction for malware detection, capturing the behavioral structure of applications beyond surface-level signatures. Their utility in traditional program analysis has been well established, enabling effective classification and analysis of...

6.8 AI score
Exploits: 0

OSV
added 2025/12/22 10:15 p.m., 4 views

CVE-2021-47713

Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resource...

8.7 CVSS, 6.7 AI score
Exploits: 0, References: 3

Wiz blog
added 2025/12/22 1:0 p.m., 7 views

Bringing Oracle Cloud Identity to Wiz

Unified visibility into OCI identities, permissions, and policies — mapped into Wiz’s Security Graph...

7 AI score
Exploits: 0

Packet Storm News
added 2025/12/22 12:0 a.m., 4 views

IoT-Based Android Malware Detection Using Graph Neural Network with Adversarial Defense

Since the Internet of Things (IoT) is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph-based deep learning research has proposed many approaches to extract relationships from applications as graphs to generate graph embeddings...

6.8 AI score
Exploits: 0

Packet Storm News
added 2025/12/21 12:0 a.m., 3 views

DREAM: Dynamic Red-Teaming across Environments for AI Models

Large Language Models (LLMs) are increasingly used in agentic systems, where their interactions with diverse tools and environments create complex, multi-stage safety challenges. However, existing benchmarks mostly rely on static, single-turn assessments that miss vulnerabilities from adaptive,...

7.5 AI score
Exploits: 0

RedhatCVE
added 2025/12/19 1:9 p.m., 8 views

CVE-2025-14618

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3 CVSS, 5.3 AI score, 0.00202 EPSS
Exploits: 0, References: 1

Packet Storm News
added 2025/12/19 12:0 a.m., 3 views

PROVEX: Enhancing SOC Analyst Trust with Explainable Provenance-Based IDS

Modern intrusion detection systems (IDS) leverage graph neural networks (GNNs) to detect malicious activity in system provenance data, but their decisions often remain a black box to analysts. This paper presents a comprehensive XAI framework designed to bridge the trust gap in Security Operations...

6.9 AI score
Exploits: 0

Patchstack
added 2025/12/18 9:57 p.m., 3 views

WordPress Sweet Energy Efficiency plugin <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion vulnerability

Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin Sweet Energy Efficiency versions <= 1.0.6...

4.3 CVSS, 6.8 AI score, 0.00202 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2025/12/18 12:22 p.m., 23 views

CVE-2025-14618 Sweet Energy Efficiency <= 1.0.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Graph Deletion

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated attackers...

4.3 CVSS, 0.00202 EPSS
Exploits: 0, References: 3

CVE
added 2025/12/18 12:22 p.m., 6 views

CVE-2025-14618

CVE-2025-14618 concerns the Sweet Energy Efficiency plugin for WordPress. The description states a missing capability check on the AJAX handler sweet_energy_efficiency_action, affecting all versions up to 1.0.6. This permits authenticated attackers with subscriber-level access and above to read, ...

4.3 CVSS, 4.9 AI score, 0.00202 EPSS
Exploits: 0, References: 3

OSV
added 2025/12/18 12:4 p.m., 3 views

BIT-GITLAB-2025-12562 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted GraphQL queries that bypass query complexity limits...

7.5 CVSS, 6.6 AI score, 0.0076 EPSS
Exploits: 0, References: 4

OSV
added 2025/12/18 11:46 a.m., 7 views

BIT-PARSE-2025-68150 Parse Server has Server-Side Request Forgery (SSRF) in Instagram OAuth Adapter

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.2 and 9.1.1, the Instagram authentication adapter allows clients to specify a custom API URL via the apiURL parameter in authData. This enables SSRF attacks and possibly...

8.3 CVSS, 6.6 AI score, 0.00291 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2025/12/18 12:0 a.m., 3 views

PT-2025-52218

The Sweet Energy Efficiency plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on the 'sweet_energy_efficiency_action' AJAX handler in all versions up to, and including, 1.0.6. This makes it possible for authenticated...

4.3 CVSS, 5.3 AI score, 0.00202 EPSS
Exploits: 0, References: 4