40449 matches found
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Silence Is Golden: Leveraging Adversarial Examples to Nullify Audio Control in LDM-Based Talking-Head Generation
Advances in talking-head animation based on Latent Diffusion Models LDM enable the creation of highly realistic, synchronized videos. These fabricated videos are indistinguishable from real ones, increasing the risk of potential misuse for scams, political manipulation, and misinformation. Hence,...
The vulnerability of the platform for managing and monitoring Vynamic View terminals lies in the insufficient protection of operational data, which allows attackers to disclose the protected information.
The vulnerability of the platform for managing and monitoring Vynamic View terminals is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to disclose the protected information...
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function allows a attacker to disclose sensitive information.
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueuepush function is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information through the...
Hewlett Packard Enterprise StoreOnce 命令注入漏洞
Hewlett Packard Enterprise StoreOnce is a cloud backup data protection system from Hewlett Packard Enterprise USA. A security vulnerability exists in Hewlett Packard Enterprise StoreOnce that stems from a command injection that could lead to remote code execution...
SMOTE-DP: Improving Privacy-Utility Tradeoff with Synthetic Data
Privacy-preserving data publication, including synthetic data sharing, often experiences trade-offs between privacy and utility. Synthetic data is generally more effective than data anonymization in balancing this trade-off, however, not without its own challenges. Synthetic data produced by...
Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Use after Free in grusetcontextoption leading to kernel panic CVE-2022-3424 kernel: ndisc: use RCU protection in ndiscallocskb CVE-2025-21764 For more details about the security issues,...
ARIANNA: an Automatic Design Flow for Fabric Customization and EFPGA Redaction
In the modern global Integrated Circuit IC supply chain, protecting intellectual property IP is a complex challenge, and balancing IP loss risk and added cost for theft countermeasures is hard to achieve. Using embedded configurable logic allows designers to completely hide the functionality of...
DSA-5933-1 tcpdf - security update
Bulletin has no description...
PUB-A-329622454
In ppmpprotectbuf of drmfw.c, there is a possible memory protection issue due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Docker under Siege: Securing Containers in the Modern Era
Containerization, driven by Docker, has transformed application development and deployment by enhancing efficiency and scalability. However, the rapid adoption of container technologies introduces significant security challenges that require careful management. This paper investigates key areas o...
DLA-4200-1 symfony - security update
Bulletin has no description...
CVE-2025-5142
The Simple Page Access Restriction plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.31. This is due to missing nonce validation and capability checks in the settings save handler in the settings.php script. This makes it possible for...
CVE-2025-5142
CVE-2025-5142 : The Simple Page Access Restriction WordPress plugin (versions
[SECURITY] Fedora 41 Update: dnsdist-1.9.10-1.fc41
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
[SECURITY] Fedora 42 Update: dnsdist-1.9.10-1.fc42
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
The vulnerability of the Hibernate query service implementation in the Kaiten project management system lies in the lack of protective measures for the SQL query structure. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Hibernate query service implementation in the Kaiten project management tool is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of th...
Hush! Protecting Secrets during Model Training: an Indistinguishability Approach
We consider the problem of secret protection, in which a business or organization wishes to train a model on their own data, while attempting to not leak secrets potentially contained in that data via the model. The standard method for training models to avoid memorization of secret information i...
CVE-2025-2796
On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be...
Porn sites probed for allegedly failing to prevent minors from accessing content
Four porn sites are being investigated by the European Commission under its Digital Services Act DSA for allegedly failing to verify its users' ages properly. The Commission, which drafts and enforces the European Union's laws, is focusing the lens on Pornhub, Stripchat, XNXX, and XVideos with th...