Linux Distros Unpatched Vulnerability : CVE-2021-46943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix setfmt error handling If there in an error during a setfmt, d...

Dell Digital Delivery 安全漏洞

Dell Digital Delivery is a digital software delivery service offered by Dell that allows users to shop for and automatically download and install paid software e.g., Microsoft Office, Photoshop, etc. in tandem with the purchase of a Dell computer. An information disclosure vulnerability exists in...

The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers is related to insufficient protection for the local address book’s service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Semantic Encryption: Secure and Effective Interaction with Cloud-Based Large Language Models Via Semantic Transformation

The increasing adoption of Cloud-based Large Language Models CLLMs has raised significant concerns regarding data privacy during user interactions. While existing approaches primarily focus on encrypting sensitive information, they often overlook the logical structure of user inputs. This oversig...

Analyzing the Mirai IoT Botnet and Its Recent Variants: Satori, Mukashi, Moobot, and Sonic

Mirai is undoubtedly one of the most significant Internet of Things IoT botnet attacks in history. In terms of its detrimental effects, seamless spread, and low detection rate, it surpassed its predecessors. Its developers released the source code, which triggered the development of several...

Beyond Vulnerabilities: a Survey of Adversarial Attacks As Both Threats and Defenses in Computer Vision Systems

Adversarial attacks against computer vision systems have emerged as a critical research area that challenges the fundamental assumptions about neural network robustness and security. This comprehensive survey examines the evolving landscape of adversarial techniques, revealing their dual nature a...

CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals

Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a...

OpenSearch unauthorized data access on fields protected by field level security if field is a member of an object

Impact OpenSearch versions 2.19.2 and earlier improperly apply Field Level Security FLS rules on fields which are not at the top level of the source document tree i.e., which are members of a JSON object. If an FLS exclusion rule like object is applied to an object valued attribute in a source...

GHSA-RRMM-WQ7Q-H4V5 OpenSearch unauthorized data access on fields protected by field masking for fields of type ip, geo_point, geo_shape, xy_point, xy_shape

Impact OpenSearch versions 2.19.2 and earlier improperly apply field masking rules on fields of the types ip, geopoint, geoshape, xypoint, xyshape. While the content of these fields is properly redacted in the source document returned by search operations, the original unredacted values remain...

CLSA-2025-1754037789 Fix of 5 CVEs

Focal update: v5.4.291 upstream stable release LP: 2106002 // CVE-2025-21760 // CVE-url: https://ubuntu.com/security/CVE-2025-21760 - ndisc: extend RCU protection in ndiscsendskb Focal update: v5.4.291 upstream stable release LP: 2106002 // CVE-2025-21761 // CVE-url:...

3 Key Areas to Focus on When You're Evaluating AI Security

...

CVE-2025-43245

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...

CVE-2025-43198

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data...

CVE-2025-43260

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...

CVE-2025-43206

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...

The vulnerability of the Mobile Security Framework (MobSF), which stems from the lack of protective measures for website structures, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Mobile Security Framework for mobile application security research relates to the lack of protective measures for website structures. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

The vulnerability of the Mozilla Firefox browser on Android operating systems relates to a violation of data protection mechanisms, allowing attackers to circumvent existing security restrictions.

The vulnerability of the Mozilla Firefox browser on Android operating systems is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...

The vulnerability of the MFlash secure data exchange platform lies in the lack of a mechanism to protect the output data used in generating CSV files. This allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the MFlash secure data exchange platform lies in the lack of a mechanism for shielding the output data used in generating CSV files. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the WebContentFilter filter in macOS operating systems allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the WebContentFilter filter in macOS operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

CVE-2023-32251

A vulnerability has been identified in the Linux kernel's ksmbd component kernel SMB/CIFS server. A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the...