6765 matches found
DEBIAN-CVE-2025-40907
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 aka fcgi library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow and resultant heap-based buffer overflow via crafted nameLen or valueLen values in data to the IPC...
Unveiling the Black Box: a Multi-Layer Framework for Explaining Reinforcement Learning-Based Cyber Agents
Reinforcement Learning RL agents are increasingly used to simulate sophisticated cyberattacks, but their decision-making processes remain opaque, hindering trust, debugging, and defensive preparedness. In high-stakes cybersecurity contexts, explainability is essential for understanding how...
CVE-2024-12800
The CVE-2024-12800 entry concerns the WordPress plugin IP Based Login. Affected versions prior to 2.4.1 do not sanitize values during import, enabling Stored Cross-Site Scripting (Stored XSS) that could be exploited by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e...
WordPress plugin IP Based Login 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. A security vulnerability exists ...
Efficient Malicious UAV Detection Using Autoencoder-TSMamba Integration
Malicious Unmanned Aerial Vehicles UAVs present a significant threat to next-generation networks NGNs, posing risks such as unauthorized surveillance, data theft, and the delivery of hazardous materials. This paper proposes an integrated AE-classifier system to detect malicious UAVs. The proposed...
CVE-2025-26783
An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, W1000, Modem 5300, and Modem 5400. Incorrect handling of undefined values leads to a Denial of Service...
iTop 跨站脚本漏洞
iTop is a simple, web-based IT service management tool from Combodo open source. A cross-site scripting vulnerability exists in iTop versions prior to 3.1.3 and 3.2.1, which stems from a cross-site scripting attack due to the presence of malicious code in CSV content...
kernel: sysctl: always initialize i_uid/i_gid
In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...
rsync: rsync server leaks arbitrary client files
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
Configure the Kernel Parameter ptrace_scope Properly
ptrace is a system call used for process tracing. It provides the capability for a parent process to observe and control child processes. Linux Kernel 3.4 and later versions support completely restricting or disabling the ptrace function. According to the Linux Kernel Yama Documentation, the...
libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c
A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...
CVE-2023-53093
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
CVE-2025-2168
The Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.1. This is due to missing or incorrect non...
SUSE CVE-2023-53093
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
An Approach for Handling Missing Attribute Values in Attribute-Based Access Control Policy Mining
Attribute-Based Access Control ABAC enables highly expressive and flexible access decisions by considering a wide range of contextual attributes. ABAC policies use logical expressions that combine these attributes, allowing for precise and context-aware control. Algorithms that mine ABAC policies...
AZL-70135 CVE-2023-53093 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
UBUNTU-CVE-2023-53093
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
CVE-2023-53093 tracing: Do not let histogram values have some modifiers
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
CVE-2023-53093 tracing: Do not let histogram values have some modifiers
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...
CVE-2023-53093
CVE-2023-53093 affects the Linux kernel tracing subsystem, where histogram values are not allowed to use certain modifiers. The root cause is that histogram code was not prepared to handle modifiers for histograms, leading to a NULL pointer dereference and kernel oops when printing histograms via...