ObfusBFA: a Holistic Approach to Safeguarding DNNs from Different Types of Bit-Flip Attacks
Bit-flip attacks (BFAs) represent a serious threat to Deep Neural Networks (DNNs), where flipping a small number of bits in the model parameters or binary code can significantly degrade the model accuracy or mislead the model prediction in a desired way. Existing defenses exclusively focus on...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1661)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: net: gso: fix ownership in __udp_gso_segment (CVE-2025-21926); usbnet: gl620a: fix endpoint checking in genelink_bind (CVE-2025-21877); net_sched: Prevent...
Siemens Mendix Studio Pro
SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...
US airline industry quietly selling flight data to DHS
A data broker owned by some of America's biggest airlines has been selling access to customer flight data to the US Department of Homeland Security (DHS). The data, compiled by data broker Airlines Reporting Corporation (ARC), includes names, flight itineraries, and financial details. It also covers...
CVE-2025-6001 VirtueMart - Cross Site Request Forgery (CSRF)
A Cross-Site Request Forgery (CSRF) vulnerability exists in the product image upload function of VirtueMart that bypasses the CSRF protection token. An attacker is able to craft a special CSRF request which will allow unrestricted file upload into the VirtueMart media manager...
CVE-2025-41662
Rejected reason: CVE-2025-41662 is considered redundant or unnecessary and thus should be withdrawn. Instead, a new CVE CVE-2025-41687 has been reserved to better reflect the updated analysis...
Security update for nbdkit
This update for nbdkit fixes the following issues: Update to version 1.36.5. Security fixes: CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 2^32 will trigger an assertion failure and cause a denial-of-service (bsc#1243108). CVE-2025-4771...
PT-2025-25186 · Weidmueller · Ie-Sr-2Tx-Wl +2
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web...
IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12296)
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium has an information disclosure...
IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12298)
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...
IBM Security Guardium Information Disclosure Vulnerability (CNVD-2025-12297)
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...
Cisco Customer Collaboration Platform Information Disclosure Vulnerability
Cisco Customer Collaboration Platform (Cisco CCP) is a customer collaboration platform from Cisco USA. Cisco Customer Collaboration Platform suffers from an information disclosure vulnerability that stems from the application's inadequate protection of sensitive information, which can be exploited ...
VirtueMart Cross-Site Request Forgery Vulnerability
VirtueMart is an open source e-commerce application from VirtueMart, Inc. designed to be used as an extension to Mambo or Joomla! A security vulnerability exists in VirtueMart that stems from a cross-site request forgery protection bypass that could lead to arbitrary file uploads...
TRIDENT -- a Three-Tier Privacy-Preserving Propaganda Detection Model in Mobile Networks Using Transformers, Adversarial Learning, and Differential Privacy
The proliferation of propaganda on mobile platforms raises critical concerns around detection accuracy and user privacy. To address this, we propose TRIDENT - a three-tier propaganda detection model implementing transformers, adversarial learning, and differential privacy which integrates syntact...
PT-2025-25187 · Weidmueller · Ie-Sr-2Tx-Wl +2
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can execute arbitrary commands with root privileges on affected devices due to a lack of Cross-Site Request Forgery (CSRF) protection in the Main Web...
The Security Overview and Analysis of 3GPP 5G MAC CE
To more effectively control and allocate network resources, MAC CE has been introduced into the network protocol, which is a type of control signaling located in the MAC layer. Since MAC CE lacks encryption and integrity protection mechanisms provided by PDCP, the control signaling carried by MAC...
Devil's Hand: Data Poisoning Attacks to Locally Private Graph Learning Protocols
Graph neural networks (GNNs) have achieved significant success in graph representation learning and have been applied to various domains. However, many real-world graphs contain sensitive personal information, such as user profiles in social networks, raising serious privacy concerns when graph...
IBM Security Guardium Security Vulnerability
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium...
PT-2025-27968
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A vulnerability in the Linux kernel has been resolved, related to the SFQ perturb period in the net sched module. The issue was reported by Gerrard Tai, who found that the SFQ perturb...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary: Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix2. Vulnerability Details: CVEID: CVE-2019-12900 DESCRIPTION: BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. CWE: CWE-787: Out-of-bounds Write CVSS...