MAL-2025-11737 Malicious code in @zalastax/nolb-graph- (npm)

The package @zalastax/nolb-graph- was found to contain malicious code...

MirGuard: Towards a Robust Provenance-Based Intrusion Detection System against Graph Manipulation Attacks

Learning-based Provenance-based Intrusion Detection Systems PIDSes have become essential tools for anomaly detection in host systems due to their ability to capture rich contextual and structural information, as well as their potential to detect unknown attacks. However, recent studies have shown...

Explainable Ensemble Learning for Graph-Based Malware Detection

Malware detection in modern computing environments demands models that are not only accurate but also interpretable and robust to evasive techniques. Graph neural networks GNNs have shown promise in this domain by modeling rich structural dependencies in graph-based program representations such a...

Linux Distros Unpatched Vulnerability : CVE-2025-37940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Add condresched to ftracegraphsethash When the kernel contains a large number of functions that can be traced, the loop in ftracegraphsethash may take a...

Linux Distros Unpatched Vulnerability : CVE-2024-39481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: mc: Fix graph walk in mediapipelinestart The graph walk tries to follow all links, ev...

Linux Distros Unpatched Vulnerability : CVE-2022-50113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoc: audio-graph-card2: Fix refcount leak bug in graphgettype We should call ofnodeput for...

Linux Distros Unpatched Vulnerability : CVE-2022-50109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfbofinitdisplay, we should call ofnodeput for the references returned by ofgraphgetnextendpoint and...

Linux Distros Unpatched Vulnerability : CVE-2022-49752

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: device property: fix of node refcount leak in fwnodegraphgetnextendpoint The 'parent' return...

ProvX: Generating Counterfactual-Driven Attack Explanations for Provenance-Based Detection

Provenance graph-based intrusion detection systems are deployed on hosts to defend against increasingly severe Advanced Persistent Threat. Using Graph Neural Networks to detect these threats has become a research focus and has demonstrated exceptional performance. However, the widespread adoption...

Mitigating Distribution Shift in Graph-Based Android Malware Classification Via Function Metadata and LLM Embeddings

Graph-based malware classifiers can achieve over 94% accuracy on standard Android datasets, yet we find they suffer accuracy drops of up to 45% when evaluated on previously unseen malware variants from the same family - a scenario where strong generalization would typically be expected. This...

Topology Generation of UAV Covert Communication Networks: a Graph Diffusion Approach with Incentive Mechanism

With the growing demand for Uncrewed Aerial Vehicle UAV networks in sensitive applications, such as urban monitoring, emergency response, and secure sensing, ensuring reliable connectivity and covert communication has become increasingly vital. However, dynamic mobility and exposure risks pose...

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

Privacy Risk Predictions Based on Fundamental Understanding of Personal Data and an Evolving Threat Landscape

It is difficult for individuals and organizations to protect personal information without a fundamental understanding of relative privacy risks. By analyzing over 5,000 empirical identity theft and fraud cases, this research identifies which types of personal data are exposed, how frequently...

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

CVE-2012-10029

Nagios XI Network Monitor with Graph Explorer component prior to version 1.3 is affected by an authenticated command-injection in visApi.php. The issue arises from unsanitized parameters (e.g., host), enabling remote code execution. Affected software/component: Nagios XI (Graph Explorer)

CVE-2012-10029

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

CVE-2012-10029 Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

CVE-2012-10029 Nagios XI Network Monitor Graph Explorer Component < 1.3 Authenticated Command Injection

Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in visApi.php. An authenticated user can inject system commands via unsanitized parameters such as host, resulting in remote code execution...

HackerOne: DOS via Mutation Aliasing in GraphQL Account Recovery Phone Number Verification API

The GraphQL API's 'verifyAccountRecoveryPhoneNumber' mutation was found to be vulnerable to denial-of-service attacks through mutation aliasing. The vulnerability allowed multiple aliases of the same mutation to be included in a single request, causing the server to process each mutation...

Linux Distros Unpatched Vulnerability : CVE-2025-38327

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable functiongraph tracer when setting funcgraph-args When setting the...