SUSE CVE-2025-47183

In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...

DEBIAN-CVE-2025-38001

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 1 can be bypassed, and a UAF can still occur when HFSC ...

PT-2025-33546

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to the BTRFS file system's free space tree. Specifically, an assertion failure could occur when building the free space tree with the...

Spanning-Tree-Packing Protocol for Conference Key Propagation in Quantum Networks

We consider a network of users connected by pairwise quantum key distribution QKD links. Using these pairwise secret keys and public classical communication, the users want to generate a common conference secret key at the maximal rate. We propose an algorithm based on spanning tree packing a kno...

Dpmm: Differentially Private Marginal Models, a Library for Synthetic Tabular Data Generation

We propose dpmm, an open-source library for synthetic data generation with Differentially Private DP guarantees. It includes three popular marginal models -- PrivBayes, MST, and AIM -- that achieve superior utility and offer richer functionality compared to alternative implementations...

Fooling the Watchers: Breaking AIGC Detectors Via Semantic Prompt Attacks

The rise of text-to-image T2I models has enabled the synthesis of photorealistic human portraits, raising serious concerns about identity misuse and the robustness of AIGC detectors. In this work, we propose an automated adversarial prompt generation framework that leverages a grammar tree...

PT-2025-27712

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.30 Description: A division by zero error can occur in the Linux kernel when the ptp rate is 0, leading to a kernel crash. This issue arises when the stmmac platform drivers do not properly handle the clk pt...

The vulnerability of the powerpc component functions fixup_device_tree_chrp(), fixup_device_tree_pmac(), and fixup_device_tree() in the arch/powerpc/kernel/prom_init.c file of the Linux operating system kernel allows a attacker to cause a service failure.

The vulnerability of the powerpc functions fixupdevicetreechrp, fixupdevicetreepmac, and fixupdevicetree in the arch/powerpc/kernel/prominit.c file of the Linux operating system kernel is related to resource management errors. Exploiting this vulnerability could allow an attacker to cause a servi...

CVE-2025-23873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshi Solutions Category D3 Tree category-d3-tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through = 1.1...

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 EOL...

CVE-2024-51883

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Micha I Plant A Tree i-plant-a-tree allows Stored XSS.This issue affects I Plant A Tree: from n/a through = 1.7.4...

CVE-2024-44073

The Miniscript aka rust-miniscript library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth...

CVE-2023-30868

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Jon Christopher CMS Tree Page View plugin = 1.6.7 versions...

CVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function...

CVE-2023-46911

There is a Cross Site Scripting XSS vulnerability in the choosestyletree.do interface of Jspxcms v10.2.0 backend...

CVE-2023-46151

Cross-Site Request Forgery CSRF vulnerability in AWESOME TOGI Product Category Tree plugin = 2.5 versions...

CVE-2021-1070

NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the applybinaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an...

CVE-2025-37972

In the Linux kernel, the following vulnerability has been resolved: Input: mtk-pmic-keys - fix possible null pointer dereference In mtkpmickeysprobe, the regs parameter is only set if the button is parsed in the device tree. However, on hardware where the button is left floating, that node will...

CVE-2019-9600

The Olive Tree FTP Server aka com.theolivetree.ftpserver application through 1.32 for Android allows remote attackers to cause a denial of service via a client that makes many connection attempts and drops certain packets...

CVE-2019-17063

In Snowtide PDFxStream before 3.7.1 for Java, a crafted PDF file can trigger an extremely long running computation because of page-tree mishandling...