CVE-2025-31328

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

CVE-2025-31328 Cross-Site Request Forgery (CSRF) vulnerability in SAP S/4 HANA (Learning Solution)

SAP Learning Solution is vulnerable to Cross-Site Request Forgery CSRF, allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-based OData function is named in a way that it violates the expected behaviour. This issue could impact both the...

SAP Learning Solution 跨站请求伪造漏洞

SAP Learning Solution is an enterprise-wide learning management system from SAP. SAP Learning Solution suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. An attacker could explo...

TrojanDam: Detection-Free Backdoor Defense in Federated Learning through Proactive Model Robustification Utilizing OOD Data

Federated learning FL systems allow decentralized data-owning clients to jointly train a global model through uploading their locally trained updates to a centralized server. The property of decentralization enables adversaries to craft carefully designed backdoor updates to make the global model...

CLPSTNet: a Progressive Multi-Scale Convolutional Steganography Model Integrating Curriculum Learning

In recent years, a large number of works have introduced Convolutional Neural Networks CNNs into image steganography, which transform traditional steganography methods such as hand-crafted features and prior knowledge design into steganography methods that neural networks autonomically learn...

Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway

The rapid expansion of Internet of Things IoT devices, particularly in smart home environments, has introduced considerable security and privacy concerns due to their persistent connectivity and interaction with cloud services. Despite advancements in IoT security, effective privacy measures rema...

How Private Is Your Attention? Bridging Privacy with In-Context Learning

In-context learning ICL-the ability of transformer-based models to perform new tasks from examples provided at inference time-has emerged as a hallmark of modern language models. While recent works have investigated the mechanisms underlying ICL, its feasibility under formal privacy constraints...

PT-2025-17589 · Sap · Sap Learning Solution

Name of the Vulnerable Software and Affected Versions: SAP Learning Solution affected versions not specified Description: The issue allows an attacker to trick an authenticated user into sending unintended requests to the server through Cross-Site Request Forgery CSRF. A GET-based OData function ...

GIFDL: Generated Image Fluctuation Distortion Learning for Enhancing Steganographic Security

Minimum distortion steganography is currently the mainstream method for modification-based steganography. A key issue in this method is how to define steganographic distortion. With the rapid development of deep learning technology, the definition of distortion has evolved from manual design to...

FLARE: Feature-Based Lightweight Aggregation for Robust Evaluation of IoT Intrusion Detection

The proliferation of Internet of Things IoT devices has expanded the attack surface, necessitating efficient intrusion detection systems IDSs for network protection. This paper presents FLARE, a feature-based lightweight aggregation for robust evaluation of IoT intrusion detection to address the...

Mining Characteristics of Vulnerable Smart Contracts across Lifecycle Stages

Smart contracts are the cornerstone of decentralized applications and financial protocols, which extend the application of digital currency transactions. The applications and financial protocols introduce significant security challenges, resulting in substantial economic losses. Existing solution...

The Hardness of Learning Quantum Circuits and Its Cryptographic Applications

We show that concrete hardness assumptions about learning or cloning the output state of a random quantum circuit can be used as the foundation for secure quantum cryptography. In particular, under these assumptions we construct secure one-way state generators OWSGs, digital signature schemes,...

Feature Selection Via GANs (GANFS): Enhancing Machine Learning Models for DDoS Mitigation

Distributed Denial of Service DDoS attacks represent a persistent and evolving threat to modern networked systems, capable of causing large-scale service disruptions. The complexity of such attacks, often hidden within high-dimensional and redundant network traffic data, necessitates robust and...

SUSE CVE-2017-2644

In Moodle 3.x, XSS can occur via evidence of prior learning...

SUSE CVE-2017-2645

In Moodle 3.x, XSS can occur via attachments to evidence of prior learning...

IoT-AMLHP: Aligned Multimodal Learning of Header-Payload Representations for Resource-Efficient Malicious IoT Traffic Classification

Traffic classification is crucial for securing Internet of Things IoT networks. Deep learning-based methods can autonomously extract latent patterns from massive network traffic, demonstrating significant potential for IoT traffic classification tasks. However, the limited computational and spati...

CSI2Dig: Recovering Digit Content from Smartphone Loudspeakers Using Channel State Information

Eavesdropping on sounds emitted by mobile device loudspeakers can capture sensitive digital information, such as SMS verification codes, credit card numbers, and withdrawal passwords, which poses significant security risks. Existing schemes either require expensive specialized equipment, rely on...

Application of Deep Reinforcement Learning for Intrusion Detection in Internet of Things: a Systematic Review

The Internet of Things IoT has significantly expanded the digital landscape, interconnecting an unprecedented array of devices, from home appliances to industrial equipment. This growth enhances functionality, e.g., automation, remote monitoring, and control, and introduces substantial security...

Monitor and Recover: a Paradigm for Future Research on Distribution Shift in Learning-Enabled Cyber-Physical Systems

With the known vulnerability of neural networks to distribution shift, maintaining reliability in learning-enabled cyber-physical systems poses a salient challenge. In response, many existing methods adopt a detect and abstain methodology, aiming to detect distribution shift at inference time so...

Towards Explainable and Lightweight AI for Real-Time Cyber Threat Hunting in Edge Networks

As cyber threats continue to evolve, securing edge networks has become increasingly challenging due to their distributed nature and resource limitations. Many AI-driven threat detection systems rely on complex deep learning models, which, despite their high accuracy, suffer from two major...