Towards Remote Attestation of Microarchitectural Attacks: The Case of Rowhammer

Microarchitectural vulnerabilities increasingly undermine the assumption that hardware can be treated as a reliable root of trust. Prevention mechanisms often lag behind evolving attack techniques, leaving deployed systems unable to assume continued trustworthiness. We propose a shift from...

Toward a Multi-Layer ML-Based Security Framework for Industrial IoT

The Industrial Internet of Things IIoT introduces significant security challenges as resource-constrained devices become increasingly integrated into critical industrial processes. Existing security approaches typically address threats at a single network layer, often relying on expensive hardwar...

Walma: Learning to See Memory Corruption in WebAssembly

WebAssembly's Wasm monolithic linear memory model facilitates memory corruption attacks that can escalate to cross-site scripting in browsers or go undetected when a malicious host tampers with a module's state. Existing defenses rely on invasive binary instrumentation or custom runtimes, and do...

SUSE SLES12 Security Update : systemd (SUSE-SU-2026:0991-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0991-1 advisory. This update for systemd fixes the following issue: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method...

EUVD-2025-208966

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

EUVD-2025-208964

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

CVE-2025-33216

NVIDIA SNAP-4 Container vulnerability CVE-2025-33216 resides in the configuration interface, where crafted configurations can cause an incorrect buffer size calculation, potentially crashing the SNAP service and denying storage access to the host. Affected products: SNAP-4 Container (BlueField-3 ...

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

CVE-2025-33216

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

CVE-2025-33215

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

CVE-2025-33215

CVE-2025-33215 affects NVIDIA SNAP-4 Container, specifically a vulnerability in the VIRTIO-BLK component. A malicious guest VM can trigger an out-of-range pointer offset by sending crafted messages, potentially causing a denial of service and impacting storage availability for other VMs. The NVID...

MAL-2026-2376 Malicious code in nf-promise-state-machine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc012f9411ceaa957f4b364f6b1443d3244155de13f5fc0ccb759ad682bd0ae7 The package nf-promise-state-machine was found to contain malicious code...

Malicious code in nf-promise-state-machine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc012f9411ceaa957f4b364f6b1443d3244155de13f5fc0ccb759ad682bd0ae7 The package nf-promise-state-machine was found to contain malicious code...

RLSA-2026:5578 Moderate: virt:rhel and virt-devel:rhel security update

Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the...

PT-2026-27500

NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...

PT-2026-27501

NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A successful exploit of this vulnerability may lead to crash of the SNAP service, causing denial of servic...

Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions

Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...

GHSA-R3R2-35V9-V238 Briefcase: Windows MSI Installer Privilege Escalation via Insecure Directory Permissions

Impact If a developer uses Briefcase to produce an Windows MSI installer for a project, and that project is installed for All Users i.e., per-machine scope, the installation process creates an directory that inherits all the permissions of the parent directory. Depending on the location chosen by...