1038 matches found

Positive Technologies
added 2025/08/14 12:0 a.m. · 3 views

PT-2025-33271 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 5.0.0
Description: A stored Cross-Site Scripting (XSS) issue exists in the chart visualization feature. An authenticated user with chart editing permissions can inject a malicious payload into a column's label...

5.3 CVSS · 5.5 AI score · 0.00617 EPSS
Exploits 0 · References 5
OSV
added 2025/08/13 5:26 p.m. · 2 views

CVE-2025-7739 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped label descriptions...

8.7 CVSS · 5.8 AI score · 0.00293 EPSS
Exploits 0 · References 5
FreeBSD
added 2025/08/13 12:0 a.m. · 6 views

Gitlab -- vulnerabilities

Gitlab reports:
- Cross-site scripting issue in blob viewer impacts GitLab CE/EE
- Cross-site scripting issue in labels impacts GitLab CE/EE
- Cross-site scripting issue in Workitem impacts GitLab CE/EE
- Improper Handling of Permissions issue in project API impacts GitLab CE/EE
- Incorrect Privilege...

8.7 CVSS · 6.9 AI score · 0.00423 EPSS
Exploits 0 · References 1
Positive Technologies
added 2025/08/11 12:0 a.m. · 7 views

PT-2025-33265

Name of the Vulnerable Software and Affected Versions: kube-apiserver versions 1.31.11 and earlier; kube-apiserver versions 1.32.7 and earlier; kube-apiserver versions 1.33.3 and earlier
Description: Compromised nodes can delete themselves and relabel via OwnerReferences. An attacker who has gained...

9.9 CVSS · 6.3 AI score · 0.10543 EPSS
Exploits 21 · References 72
Microsoft CVE
added 2025/08/07 7:0 a.m. · 3 views

libnvdimm/labels: Fix divide error in nd_label_data_init()

...

5.5 CVSS · 7.4 AI score · 0.00166 EPSS
Exploits 0
Packet Storm News
added 2025/07/14 12:0 a.m. · 3 views

Contrastive-KAN: a Semi-Supervised Intrusion Detection Framework for Cybersecurity with Scarce Labeled Data

In the era of the Fourth Industrial Revolution, cybersecurity and intrusion detection systems are vital for the secure and reliable operation of IoT and IIoT environments. A key challenge in this domain is the scarcity of labeled cyber-attack data, as most industrial systems operate under normal...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/07/14 12:0 a.m. · 6 views

Split Happens: Combating Advanced Threats with Split Learning and Function Secret Sharing

Split Learning (SL) -- splits a model into two distinct parts to help protect client data while enhancing Machine Learning (ML) processes. Though promising, SL has proven vulnerable to different attacks, thus raising concerns about how effective it may be in terms of data privacy. Recent works have...

6.9 AI score
Exploits 0
Packet Storm News
added 2025/07/10 12:0 a.m. · 5 views

KeyDroid: a Large-Scale Analysis of Secure Key Storage in Android Apps

Most contemporary mobile devices offer hardware-backed storage for cryptographic keys, user data, and other sensitive credentials. Such hardware protects credentials from extraction by an adversary who has compromised the main operating system, such as a malicious third-party app. Since 2011,...

7 AI score
Exploits 0
OSV
added 2025/07/02 1:42 p.m. · 2 views

SUSE-RU-2025:02204-1 Recommended update for aws-nitro-enclaves-cli

This update for aws-nitro-enclaves-cli fixes the following issues:
- Fix idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243859
- Update to version 1.4.2
- Update aws-nitro-enclaves-sdk-bootstrap to version f718dea6
- Update to version 1.3.3git0.afb7264
- Update...

8.8 CVSS · 6.9 AI score · 0.00194 EPSS
Exploits 1 · References 3
Packet Storm News
added 2025/06/22 12:0 a.m. · 3 views

Today's Cat Is Tomorrow's Dog: Accounting for Time-Based Changes in the Labels of ML Vulnerability Detection Approaches

Vulnerability datasets used for ML testing implicitly contain retrospective information. When tested on the field, one can only use the labels available at the time of training and testing (e.g. seen and assumed negatives). As vulnerabilities are discovered across calendar time, labels change and...

7 AI score
Exploits 0
OSV
added 2025/06/19 4:15 a.m. · 5 views

CVE-2025-4479

The ElementsKit Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin image comparison widget's before/after labels in all versions up to, and including, 3.5.2 due to insufficient input sanitization and output escaping on user supplied...

5.4 CVSS · 5.9 AI score · 0.00204 EPSS
Exploits 0 · References 4
SUSE CVE
added 2025/06/19 3:44 a.m. · 3 views

SUSE CVE-2022-50012

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param(). On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree()...

5.5 CVSS · 6.3 AI score · 0.00201 EPSS
Exploits 0 · References 12
SUSE CVE
added 2025/06/19 3:14 a.m. · 2 views

SUSE CVE-2025-38072

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in nd_label_data_init(). If a faulty CXL memory device returns a broken zero LSA size in its memory device information (Identify Memory Device, Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1), a divide error...

5.5 CVSS · 7.7 AI score · 0.00166 EPSS
Exploits 0 · References 17
NVD
added 2025/06/18 11:15 a.m. · 7 views

CVE-2022-50012

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param(). On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree()...

5.5 CVSS · 0.00201 EPSS
Exploits 0 · References 3
OSV
added 2025/06/18 11:15 a.m. · 2 views

DEBIAN-CVE-2022-50012

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param(). On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree()...

5.5 CVSS · 5.3 AI score · 0.00201 EPSS
Exploits 0 · References 1
OSV
added 2025/06/18 11:1 a.m. · 4 views

CVE-2022-50012 powerpc/64: Init jump labels before parse_early_param()

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parse_early_param(). On 64-bit, calling jump_label_init() in setup_feature_keys() is too late because static keys may be used in subroutines of parse_early_param() which is again subroutine of early_init_devtree()...

5.5 CVSS · 5.9 AI score · 0.00201 EPSS
Exploits 0 · References 6
AstraLinux
added 2025/06/16 11:28 a.m. · 7 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The behavior of “openvswitch: switch to per-action label counting in conntrack” has been corrected. Currently, the ovs_ct_set_labels() function is only called for confirmed conntrack entries within ovs_ct_commit(). However, if the conntra...

4.7 CVSS · 6.1 AI score · 0.00124 EPSS
Exploits 0 · References 3
Packet Storm News
added 2025/05/29 12:0 a.m. · 4 views

Securing AI Agents with Information-Flow Control

As AI agents become increasingly autonomous and capable, ensuring their security against vulnerabilities such as prompt injection becomes critical. This paper explores the use of information-flow control (IFC) to provide security guarantees for AI agents. We present a formal model to reason about t...

7.3 AI score
Exploits 0
Redos
added 2025/05/26 12:0 a.m. · 10 views

ROS-20250526-04

Vulnerability in Nomad application orchestrator due to ACL policies not using security labels. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

4.1 CVSS · 6.9 AI score · 0.00364 EPSS
Exploits 0
RedhatCVE
added 2025/05/23 11:59 a.m. · 4 views

CVE-2025-24603

Missing Authorization vulnerability in Dmitry V. CEO of "UKR Solution" Print Barcode Labels for your WooCommerce products/orders a4-barcode-generator. This issue affects Print Barcode Labels for your WooCommerce products/orders: from n/a through = 3.4.10...

4.3 CVSS · 7.2 AI score · 0.00219 EPSS
Exploits 0 · References 1