Enhancing Anomaly-Based Intrusion Detection Systems with Process Mining

Anomaly-based Intrusion Detection Systems IDSs ensure protection against malicious attacks on networked systems. While deep learning-based IDSs achieve effective performance, their limited trustworthiness due to black-box architectures remains a critical constraint. Despite existing explainable...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the globally readable...

NVIDIA Megatron-LM 代码注入漏洞

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that originates in a tool component and can be exploited by an attacker to modify the...

AMD CPU 安全漏洞

AMD CPUs are a family of CPUs from AMD. The AMD CPUs suffer from a competitive condition vulnerability that arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during operation of a networked system or product. An attacker...

All your building are belong to us

TL;DR Building Management Systems BMS bring new risks to businesses that havent had previous experience of securing Operational Technology OT While there might not be direct financial gain from hacking BMS, these systems can be a soft target for attackers to pivot into your business operations. I...

Tuxera NTFS-3G 缓冲区错误漏洞

Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for reading and writing NTFS partitions.Tuxera NTFS-3G suffers from a buffer overflow vulnerability that originates when a networked system or product does not properly validate data boundaries when performing...

Microsoft Windows Kernel 信息泄露漏洞

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel. The vulnerability arises from errors in configuration, etc. in the operation of a networked system or product...

Stanford CoreNlp 代码问题漏洞

Stanford CoreNlp is a suite of open source, natural language analysis tools written in Java by the Stanford Nlp Group team in the United States. Stanford corenlp has a code issue vulnerability that arises from improper design or implementation during code development of a networked system or...

GPAC 代码问题漏洞

GPAC is an open source multimedia framework. GPAC 1.0.1 contains a security vulnerability that stems from improper design or implementation during the development of code for a networked system or product, which could be exploited by an attacker to conduct a denial-of-service attack...

KONICA MINOLTA MFPs and printing systems 授权问题漏洞

KONICA MINOLTA MFPs and printing systems is a printer from KONICA MINOLTA. An authorization issue vulnerability exists in KONICA MINOLTA MFPs and printing systems, which arises from a lack of or insufficiently strong authentication measures in a networked system or product...

UiPath Assistant trust management issue vulnerability

UiPath Assistant is a specialized tool from UiPath designed to make interacting with bots from the desktop easy and fun.A security vulnerability exists in UiPath Assistant 21.4.4, which stems from a lack of effective trust management mechanisms in networked systems or products. An attacker could...

BusyBox 资源管理错误漏洞

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. Busybox suffers from a Resource Management Error vulnerability that arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked...

BusyBox 资源管理错误漏洞

BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. Busybox suffers from a Resource Management Error vulnerability that arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked...

Advanced Micro Devices SNP 输入验证错误漏洞

Advanced Micro Devices SNP AMD SNP is a firmware from AMD Advanced Micro Devices, Inc.. The Advanced Micro Devices SNP suffers from an input validation error vulnerability that arises from a networked system or product that does not properly validate incoming data...

Advanced Micro Devices SNP 输入验证错误漏洞

Advanced Micro Devices SNP AMD SNP is a firmware from AMD Advanced Micro Devices, Inc.. The Advanced Micro Devices SNP Firmware suffers from an input validation error vulnerability that arises from a networked system or product that does not properly validate incoming data...

Publify 授权问题漏洞

Publify is a simple but full-featured web publishing software. Publify suffers from a security vulnerability that stems from a lack of effective permissions licensing and access control measures on a networked system or product...

Modern-Async 资源管理错误漏洞

Modern-Async is a modern JavaScript tool library for asynchronous operations using Async/Await and Promise. A resource management error vulnerability exists in modern-async that arises from improper design or implementation during code development for a networked system or product...

FreeBSD 竞争条件问题漏洞

FreeBSD is a set of Unix-like operating systems from the Freebsd Foundation. FreeBSD suffers from a Competing Conditions Problem vulnerability that arises from improper handling of concurrent accesses during operation of a networked system or product where concurrent code requires mutually...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android suffers from a resource management error vulnerability that arises from improper management of system resources e.g., memory, disk space, files, etc. by a networked system or product...

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that originates from mismanagement of system resources e.g., memory, disk space, files, etc. by a networked system or product...