CVE-2025-46707

Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU...

CVE-2025-46707 GPU DDK - Guest VM can override its own FW VZ connection state after the FW has close it

Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that stems from a Guest VM that may overwrite the firmware state, potentially leading to unauthorized access to the GPU...

Infineon PSoC4 安全漏洞

Infineon PSoC4 is a programmable system-on-chip PSoC product family from Infineon Germany. A security vulnerability exists in Infineon PSoC4 version v3.66, which stems from a BLE stack state machine transition flaw that could lead to authentication bypass...

PT-2025-27241 · Cypress · Cypress Psoc4

Name of the Vulnerable Software and Affected Versions: Cypress PSoC4 version 3.66 Description: A state machine transition flaw in the Bluetooth Low Energy BLE stack allows attackers to bypass the pairing process and authentication via a crafted pairing failed packet. This flaw enables attackers t...

Adversarial Threats in Quantum Machine Learning: a Survey of Attacks and Defenses

Quantum Machine Learning QML integrates quantum computing with classical machine learning, primarily to solve classification, regression and generative tasks. However, its rapid development raises critical security challenges in the Noisy Intermediate-Scale Quantum NISQ era. This chapter examines...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation via the machine init process. An attacker can intercept or manipulate data in transit by performing a man-in-the-middle attack during the download of VM images from an OCI registry. Workaround This...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation via the machine init process. An attacker can intercept or manipulate data in transit by performing a man-in-the-middle attack during the download of VM images from an OCI registry. Workaround This...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation via the machine init process. An attacker can intercept or manipulate data in transit by performing a man-in-the-middle attack during the download of VM images from an OCI registry. Workaround This...

CVE-2025-52890

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

CVE-2025-52890

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

CVE-2025-52890 Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...

CVE-2025-52889

Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...

Microsoft Azure Machine Learning Environments Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within Azure Machine Learning Environments. The issue results from predictable...

Malicious code in adril712 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7c681a96f57755e00a35379a33d66fe574b02f5322159aaa4e0539d513f2068 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

DEBIAN-CVE-2025-6032

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...

AZL-64454 CVE-2025-6032 affecting package podman 5.6.1-7

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...

UBUNTU-CVE-2025-6032

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...

Recalling the Forgotten Class Memberships: Unlearned Models Can Be Noisy Labelers to Leak Privacy

Machine Unlearning MU technology facilitates the removal of the influence of specific data instances from trained models on request. Despite rapid advancements in MU technology, its vulnerabilities are still under explored, posing potential risks of privacy breaches through leaks of ostensibly...

A Hybrid Intrusion Detection System with a New Approach to Protect the Cybersecurity of Cloud Computing

Cybersecurity is one of the foremost challenges facing the world of cloud computing. Recently, the widespread adoption of smart devices in cloud computing environments that provide Internet-based services has become prevalent. Therefore, it is essential to consider the security threats in these...