40449 matches found

Packet Storm News
added 2025/06/12 12:0 a.m. · 3 views

ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks

Bit-flip attacks (BFAs) represent a serious threat to Deep Neural Networks (DNNs), where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...

7.1 AI score
Exploits: 0

Tenable Nessus
added 2025/06/12 12:0 a.m. · 9 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1661)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926); usbnet: gl620a: fix endpoint checking in genelink_bind (CVE-2025-21877); net_sched: Prevent...

7.8 CVSS · 7.7 AI score · 0.13626 EPSS
Exploits: 4 · References: 113

ICS
added 2025/06/12 12:0 a.m. · 7 views

Siemens Mendix Studio Pro

SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...

6.1 CVSS · 6.6 AI score · 0.00395 EPSS
Exploits: 0 · References: 10

Malwarebytes
added 2025/06/11 9:48 p.m. · 10 views

US airline industry quietly selling flight data to DHS

A data broker owned by some of America's biggest airlines has been selling access to customer flight data to the US Department of Homeland Security (DHS). The data, compiled by data broker Airlines Reporting Corporation (ARC), includes names, flight itineraries, and financial details. It also covers...

7 AI score
Exploits: 0

Vulnrichment
added 2025/06/11 4:26 p.m. · 5 views

CVE-2025-6001 VirtueMart - Cross Site Request Forgery (CSRF)

A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager...

8.3 CVSS · 7.2 AI score · 0.00199 EPSS
Exploits: 0 · References: 1

NVD
added 2025/06/11 9:15 a.m. · 9 views

CVE-2025-41662

Rejected reason: CVE-2025-41662 is considered redundant or unnecessary and thus should be withdrawn. Instead, a new CVE CVE-2025-41687 has been reserved to better reflect the updated analysis...

Exploits: 0

SUSE Linux
added 2025/06/11 5:43 a.m. · 0 views

Security update for nbdkit

This update for nbdkit fixes the following issues: Update to version 1.36.5. Security fixes: CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 2^32 will trigger an assertion failure and cause a denial-of-service (bsc#1243108). CVE-2025-4771...

7.1 CVSS · 5.2 AI score · 0.0037 EPSS
Exploits: 0 · References: 8

Positive Technologies
added 2025/06/11 12:0 a.m. · 6 views

PT-2025-25186 · Weidmueller · Ie-Sr-2Tx-Wl +2

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web...

8.8 CVSS · 7.4 AI score · 0.00256 EPSS
Exploits: 0 · References: 13

CNVD
added 2025/06/11 12:0 a.m. · 1 views

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12296)

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium has an information disclosure...

6.5 CVSS · 6.3 AI score · 0.00294 EPSS
Exploits: 0 · References: 1

CNVD
added 2025/06/11 12:0 a.m. · 2 views

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12298)

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...

5.3 CVSS · 6.2 AI score · 0.00294 EPSS
Exploits: 0 · References: 1

CNVD
added 2025/06/11 12:0 a.m. · 1 views

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12297)

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...

4.3 CVSS · 6.5 AI score · 0.00249 EPSS
Exploits: 0 · References: 1

CNVD
added 2025/06/11 12:0 a.m. · 3 views

Cisco Customer Collaboration Platform Information Disclosure Vulnerability

Cisco Customer Collaboration Platform (Cisco CCP) is a customer collaboration platform from Cisco USA. Cisco Customer Collaboration Platform suffers from an information disclosure vulnerability that stems from the application's inadequate protection of sensitive information, which can be exploited ...

5.4 CVSS · 6.3 AI score · 0.00302 EPSS
Exploits: 0

CNNVD
added 2025/06/11 12:0 a.m. · 1 views

VirtueMart Cross-Site Request Forgery Vulnerability

VirtueMart is an open source e-commerce application from VirtueMart, Inc. designed to be used as an extension to Mambo or Joomla! A security vulnerability exists in VirtueMart that stems from a cross-site request forgery protection bypass that could lead to arbitrary file uploads...

8.3 CVSS · 6.7 AI score · 0.00199 EPSS
Exploits: 0 · References: 2

Packet Storm News
added 2025/06/11 12:0 a.m. · 2 views

TRIDENT -- a Three-Tier Privacy-Preserving Propaganda Detection Model in Mobile Networks Using Transformers, Adversarial Learning, and Differential Privacy

The proliferation of propaganda on mobile platforms raises critical concerns around detection accuracy and user privacy. To address this, we propose TRIDENT - a three-tier propaganda detection model implementing transformers, adversarial learning, and differential privacy which integrates syntact...

7 AI score
Exploits: 0

Positive Technologies
added 2025/06/11 12:0 a.m. · 4 views

PT-2025-25187 · Weidmueller · Ie-Sr-2Tx-Wl +2

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web...

8.8 CVSS · 7.4 AI score
Exploits: 0 · References: 10

Packet Storm News
added 2025/06/11 12:0 a.m. · 4 views

The Security Overview and Analysis of 3GPP 5G MAC CE

To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...

7 AI score
Exploits: 0

Packet Storm News
added 2025/06/11 12:0 a.m. · 4 views

Devil's Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols

Graph neural networks (GNNs) have achieved significant success in graph representation learning and have been applied to various domains. However, many real-world graphs contain sensitive personal information, such as user profiles in social networks, raising serious privacy concerns when graph...

6.5 AI score
Exploits: 0

CNNVD
added 2025/06/11 12:0 a.m. · 2 views

IBM Security Guardium Security Vulnerability

IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium...

6.7 CVSS · 6.5 AI score · 0.00124 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2025/06/11 12:0 a.m. · 2 views

PT-2025-27968

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, related to the SFQ perturb period in the net sched module. The issue was reported by Gerrard Tai, who found that the SFQ perturb...

5.5 CVSS · 6.4 AI score · 0.00162 EPSS
Exploits: 0

IBM Security Bulletins
added 2025/06/10 11:4 p.m. · 35 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix2. Vulnerability Details: CVEID: CVE-2019-12900. DESCRIPTION: BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CWE: CWE-787: Out-of-bounds Write. CVSS...

9.8 CVSS · 9.8 AI score · 0.93305 EPSS
Exploits: 5 · Affected Software: 1