205 matches found
CVE-2025-59420
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...
UBUNTU-CVE-2025-59420
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...
CVE-2025-59420 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)
Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...
GHSA-9GGR-2464-2J32 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)
Summary Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header for example, bork or cnf that strict verifiers reject but Authlib accepts. In...
Cyber Risks to Next-Gen Brain-Computer Interfaces: Analysis and Recommendations
Brain-computer interfaces BCIs show enormous potential for advancing personalized medicine. However, BCIs also introduce new avenues for cyber-attacks or security compromises. In this article, we analyze the problem and make recommendations for device manufacturers to better secure devices and to...
CVE-2025-8523 RiderLike Fruit Crush-Brain App com.fruitcrush.fun AndroidManifest.xml improper export of android application components
A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...
Foundation of Affective Computing and Interaction
This book provides a comprehensive exploration of affective computing and human-computer interaction technologies. It begins with the historical development and basic concepts of human-computer interaction, delving into the technical frameworks and practical applications of emotional computing,...
CVE-2024-7071
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...
CVE-2020-24395
The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...
Neuromorphic Mimicry Attacks Exploiting Brain-Inspired Computing for Covert Cyber Intrusions
Neuromorphic computing, inspired by the human brain's neural architecture, is revolutionizing artificial intelligence and edge computing with its low-power, adaptive, and event-driven designs. However, these unique characteristics introduce novel cybersecurity risks. This paper proposes...
GPU Hosting and Open Source AI Will Revolutionize or Kill WordPress
On the eve of WordCamp US 2024 we find ourselves in the midst of a revolution. It is perhaps the most profoundly transformative technology revolution our species has experienced in our short history in this Universe. In fundamental terms, since computers have existed we have been programming them...
CVE-2024-7071
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...
CVE-2024-7071
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...
CVE-2024-7071
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection.This issue affects Brain Low-Code: before 2.1.0...
CVE-2024-7071 Unauthenticate SQLi in Brain Information Technologies' Brain Low-Code
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...
CVE-2024-7071
The issue is a SQL Injection vulnerability in Brain Low-Code (Hibernate component) caused by improper neutralization of special elements in SQL commands. Affected versions are Brain Low-Code before 2.1.0. The vulnerability arises within the Hibernate integration, enabling unauthenticated SQL inje...
CVE-2024-7071 Unauthenticate SQLi in Brain Information Technologies' Brain Low-Code
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...
Brain Low-Code SQL注入漏洞
Brain Low-Code is a software development platform from Brain Low-Code that requires little to no coding to build applications and processes. An SQL injection vulnerability exists in versions of Brain Low-Code prior to 2.1.0. No information about this vulnerability is available at this time, so st...
PT-2024-38060
Name of the Vulnerable Software and Affected Versions Brain Low-Code versions prior to 2.1.0 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability affects the Hibernate component in Brain...
Malicious code in kevins-propietary_brain (RubyGems)
--- -= Per source details. Do not edit below this line.=-...