CVE-2021-2075

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Samples. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP...

Backdoor Cleaning without External Guidance in MLLM Fine-Tuning

Multimodal Large Language Models MLLMs are increasingly deployed in fine-tuning-as-a-service FTaaS settings, where user-submitted datasets adapt general-purpose models to downstream tasks. This flexibility, however, introduces serious security risks, as malicious fine-tuning can implant backdoors...

Is Artificial Intelligence Generated Image Detection a Solved Problem?

The rapid advancement of generative models, such as GANs and Diffusion models, has enabled the creation of highly realistic synthetic images, raising serious concerns about misinformation, deepfakes, and copyright infringement. Although numerous Artificial Intelligence Generated Image AIGI...

MalVis: a Large-Scale Image-Based Framework and Dataset for Advancing Android Malware Classification

As technology advances, Android malware continues to pose significant threats to devices and sensitive data. The open-source nature of the Android OS and the availability of its SDK contribute to this rapid growth. Traditional malware detection techniques, such as signature-based, static, and...

gstreamer1-plugins-good: OOB-read in qtdemux_parse_samples

A flaw was found in the GStreamer library. Multiple out-of-bounds reads in the MP4/MOV demuxer's sample table parsing and a lack of error checking can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

RLSA-2024:11193 Moderate: mpg123 security update

The mpg123 packages contain real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2, and 3 most commonly MPEG 1.0 layer 3 also known as MP3, as well as re-usable decoding and output libraries. Security Fixes: mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 For more...

Adversarial Sample Generation for Anomaly Detection in Industrial Control Systems

Machine learning ML-based intrusion detection systems IDS are vulnerable to adversarial attacks. It is crucial for an IDS to learn to recognize adversarial examples before malicious entities exploit them. In this paper, we generated adversarial samples using the Jacobian Saliency Map Attack JSMA...

Revisiting Data Auditing in Large Vision-Language Models

With the surge of large language models LLMs, Large Vision-Language Models VLMs--which integrate vision encoders with LLMs for accurate visual grounding--have shown great potential in tasks like generalist agents and robotic control. However, VLMs are typically trained on massive web-scraped...

SUSE CVE-2025-22100

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE

This blog details our investigation of malware samples that conceal within them a FOG ransomware payload...

DEBIAN-CVE-2025-22100

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

UBUNTU-CVE-2025-22100

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

CVE-2025-22100

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

CVE-2025-22100 drm/panthor: Fix race condition when gathering fdinfo group samples

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups with an xarray lock, which could lead to use-after-free errors...

RLSA-2024:11242 Moderate: mpg123:1.32.9 security update

The mpg123 packages contain real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1, 2, and 3 most commonly MPEG 1.0 layer 3 also known as MP3, as well as re-usable decoding and output libraries. Security Fixes: mpg123: Buffer overflow when writing decoded PCM samples CVE-2024-10573 For more...

Security update for tiff

This update for tiff fixes the following issues: CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits in tiffcrop.c bsc1212607. CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt leading to denial of service bsc1219213. Other bugfixes: Fixed tiff build issue on...

UBUNTU-CVE-2021-47654

In the Linux kernel, the following vulnerability has been resolved: samples/landlock: Fix pathlist memory leak Clang static analysis reports this error sandboxer.c:134:8: warning: Potential leak of memory pointed to by 'pathlist' ret = 0; ^ pathlist is allocated in parsepath but never freed...

CVE-2021-47654

CVE-2021-47654: Linux kernel landlock sandbox fix for a path_list memory leak where path_list allocated in parse_path() is not freed. Description notes a leak warning in sandboxer.c:134 and that path_list is freed by none. No exploitation details or fixes/versions are specified beyond the fix not...

com.github.zhkl0228:netguard (>=0.0.5 <=0.0.6), tech.kwik:flupke (>=0.5.4 <=0.6) +5 more potentially affected by CVE-2025-23020 via tech.kwik:kwik (=0.10)

tech.kwik:kwik MAVEN version =0.10 is affected by a known vulnerability. The following packages have a transitive dependency on tech.kwik:kwik and may be impacted: - com.github.zhkl0228:netguard =0.0.5, =0.5.4, =0.6 - tech.kwik:kwik-cli =0.10 - tech.kwik:kwik-h09 =0.10 - tech.kwik:kwik-interop...

PT-2025-7261 · Git +1 · Wavpack

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue is related to a crash type of Object-size. The crash state involves the functions unpack dsd samples and unpack samples worker thread. No information is available about the...