CVE-2019-20634

An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails tha...

CVE-2019-8760

This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID...

CVE-2013-3599

userlogin.jsp in Coursemill Learning Management System LMS 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html...

CVE-2013-3604

Multiple cross-site scripting XSS vulnerabilities in Coursemill Learning Management System LMS 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input...

CVE-2013-3602

SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System LMS 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter...

CVE-2013-3603

Cross-site scripting XSS vulnerability in Coursemill Learning Management System LMS 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...

CVE-2013-3605

Cross-site request forgery CSRF vulnerability in Coursemill Learning Management System LMS 6.6 allows remote attackers to hijack the authentication of arbitrary users via vectors related to cookies...

CVE-2013-5707

Multiple cross-site scripting XSS vulnerabilities in Coursemill Learning Management System LMS 6.8 allow remote attackers to inject arbitrary web script or HTML via crafted input containing a %22 sequence, a different issue than CVE-2013-3604...

CVE-2013-3600

Coursemill Learning Management System LMS 6.6 allows remote authenticated users to gain privileges via a modified userid value to unspecified functions...

Interpretable Anomaly Detection in Encrypted Traffic Using SHAP with Machine Learning Models

The widespread adoption of encrypted communication protocols such as HTTPS and TLS has enhanced data privacy but also rendered traditional anomaly detection techniques less effective, as they often rely on inspecting unencrypted payloads. This study aims to develop an interpretable machine...

Energy Consumption Framework and Analysis of Post-Quantum Key-Generation on Embedded Devices

The emergence of quantum computing and Shor's algorithm necessitates an imminent shift from current public key cryptography techniques to post-quantum robust techniques. NIST has responded by standardising Post-Quantum Cryptography PQC algorithms, with ML-KEM FIPS-203 slated to replace ECDH...

CoTSRF: Utilize Chain of Thought As Stealthy and Robust Fingerprint of Large Language Models

Despite providing superior performance, open-source large language models LLMs are vulnerable to abusive usage. To address this issue, recent works propose LLM fingerprinting methods to identify the specific source LLMs behind suspect applications. However, these methods fail to provide stealthy...

Privacy-Aware Cyberterrorism Network Analysis Using Graph Neural Networks and Federated Learning

Cyberterrorism poses a formidable threat to digital infrastructures, with increasing reliance on encrypted, decentralized platforms that obscure threat actor activity. To address the challenge of analyzing such adversarial networks while preserving the privacy of distributed intelligence data, we...

Password Strength Detection Via Machine Learning: Analysis, Modeling, and Evaluation

As network security issues continue gaining prominence, password security has become crucial in safeguarding personal information and network systems. This study first introduces various methods for system password cracking, outlines password defense strategies, and discusses the application of...

CVE-2005-4338

announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to gain administrator privileges by setting the context parameter to "admin"...

CVE-2005-4339

Cross-site scripting XSS vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the...

CVE-2005-4341

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to list all available categories via a blank categoryid parameter to category.pl. NOTE: it is not clear whether this information is sensitive or not, so this...

CVE-2005-4337

The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified userid parameter and a "/" in the encodedpw parameter...

A Survey on Secure Machine Learning

In this survey, we will explore the interaction between secure multiparty computation and the area of machine learning. Recent advances in secure multiparty computation MPC have significantly improved its applicability in the realm of machine learning ML, offering robust solutions for...

Federated Learning-Enhanced Blockchain Framework for Privacy-Preserving Intrusion Detection in Industrial IoT

Industrial Internet of Things IIoT systems have become integral to smart manufacturing, yet their growing connectivity has also exposed them to significant cybersecurity threats. Traditional intrusion detection systems IDS often rely on centralized architectures that raise concerns over data...