150 matches found
PT-2026-28067
Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form could potentially exploit an Unrestricted Upload of File with Dangerous Type due to a missing validation. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...
CVE-2026-22727
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...
PT-2026-25958
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...
A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs
The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable FAIR principles guide the...
CVE-2025-62862
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...
CVE-2025-62862
CVE-2025-62862 concerns AmpereOne AC03 (before 3.5.9.3), AC04 (before 4.4.5.2), and M (before 5.4.5.1). The root cause is an incorrectly formed SMC call to the UEFI-MM Boot Error Record Table driver, enabling (1) out-of-bounds reads that may leak Secure-EL0 information to Non-Secure state, or (2)...
Updated unbound packages fix security vulnerability
Several multi-vendor cache poisoning vulnerabilities have been discovered in caching resolvers for non-DNSSEC protected data. Unbound is vulnerable for some of these cases that could lead to domain hijacking CVE-2025-11411...
EUVD-2003-0030
Malware in sbrugna...
EUVD-2015-7607
Malware in sbrugna...
CVE-2022-1726
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...
Malicious code in secure-data-checker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b4c358b5a571c99b8b2f4b94a39729183ea9d5498e9407722a73f366bacd2b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4021 Malicious code in secure-data-checker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b4c358b5a571c99b8b2f4b94a39729183ea9d5498e9407722a73f366bacd2b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
DeFeed: Secure Decentralized Cross-Contract Data Feed in Web 3.0 for Connected Autonomous Vehicles
Smart contracts have been a topic of interest in blockchain research and are a key enabling technology for Connected Autonomous Vehicles CAVs in the era of Web 3.0. These contracts enable trustless interactions without the need for intermediaries, as they operate based on predefined rules encoded...
The Dark Side of Digital Twins: Adversarial Attacks on AI-Driven Water Forecasting
Digital twins DTs are improving water distribution systems by using real-time data, analytics, and prediction models to optimize operations. This paper presents a DT platform designed for a Spanish water supply network, utilizing Long Short-Term Memory LSTM networks to predict water consumption...
CVE-2025-38575 ksmbd: use aead_request_free to match aead_request_alloc
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mutual exclusion lock protection issue with SDB memory allocation in the s390/cpumsf subsystem...
s390/pkey: Wipe sensitive data on failure
...
SUSE CVE-2021-47614
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a user-after-free in addpbleprm When irdmahmcsdone fails, 'chunk' is freed while its still on the PBLE info list. Add the chunk entry to the PBLE info list only after successful setting of the SD in irdmahmcsdone...
Top 3 Cybersecurity Tools to Protect Business Data
By Uzair Amir Discover the top three cybersecurity tools designed to safeguard your business data from online threats and breaches, ensuring secure data transfer. This is a post from HackRead.com Read the original post: Top 3 Cybersecurity Tools to Protect Business Data...
Application Layer Gateway (ALG) Explained: What it is & Why You Need it ?
Snippet When you hear "Application Layer Gateway," or ALG for short, think of it as a network traffic conductor. It's the unsung hero that examines data packets, making sure they follow specific rules and get to where they're supposed to go—securely and efficiently. Quick Facts Definition In the...