A Dual-Layer Image Encryption Framework Using Chaotic AES with Dynamic S-Boxes and Steganographic QR Codes

This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map,...

New Characterization of Full Weight Spectrum One-Orbit Cyclic Subspace Codes

In this paper, we determine the weight distributions of a family of FWS codes and exhibit some equivalence classes of FWS codes under certain conditions. Furthermore, we provide a complete classification for $r$-FWS codes...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: regulatory: improve invalid hints checking Syzbot continues to report a issue 1 that occurs when erroneous symbols sent from userspace get through into useralpha2 via the regulatoryhintuser call. Such invalid...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in the HPD path, to avoid NULL pointers. The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically, it can be called via these...

PT-2025-25580

Name of the Vulnerable Software and Affected Versions conda-build versions prior to 25.3.1 Description The issue in conda-build allows attackers with filesystem access to exploit a race condition and overwrite a temporary build script, potentially leading to arbitrary code execution under the...

CVE-2025-6029

Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record...

CVE-2025-6029

Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record...

CVE-2025-6030 Autoeastern Smart Keyless Entry System Replay Attack

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador...

CVE-2025-6030

CVE-2025-6030 concerns the Cyclone Matrix TRF Smart Keyless Entry System’s Key Fob Transmitter, where the use of fixed learning codes enables a replay attack. The issue affects Cyclone Matrix TRF-based keyless systems and was demonstrated on a 2024 Kia Soluto, with reports of attacks on other Kia...

CVE-2025-6030 Autoeastern Smart Keyless Entry System Replay Attack

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador...

CVE-2025-6029 KIA-branded Aftermarket Generic Smart Keyless Entry System Replay Attack

Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record...

CVE-2025-6029

CVE-2025-6029 describes a replay-attack vulnerability in a KIA-branded Aftermarket Generic Smart Keyless Entry System. The root cause is the use of fixed learning codes in the Key Fob Transmitter, enabling unauthorized lock/unlock actions. Public descriptions (NVD/Red Hat/CVE lists) specify a rep...

PT-2025-25420 · Unknown · Kia-Branded Aftermarket Generic Smart Keyless Entry System

Name of the Vulnerable Software and Affected Versions: KIA-branded Aftermarket Generic Smart Keyless Entry System versions 2022 through 2025 Description: The issue is related to the use of fixed learning codes in the Key Fob Transmitter, which allows a replay attack. This affects KIA vehicles in...

BF-Max: an Efficient Bit Flipping Decoder with Predictable Decoding Failure Rate

The Bit-Flipping BF decoder, thanks to its very low computational complexity, is widely employed in post-quantum cryptographic schemes based on Moderate Density Parity Check codes in which, ultimately, decryption boils down to syndrome decoding. In such a setting, for security concerns, one must...

Black-Box Crypto Is Useless for Pseudorandom Codes

A pseudorandom code is a keyed error-correction scheme with the property that any polynomial number of encodings appear random to any computationally bounded adversary. We show that the pseudorandomness of any code tolerating a constant rate of random errors cannot be based on black-box reduction...

CVE-2025-41441

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature...

CVE-2025-41441

Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature...

CVE-2025-41441

CVE-2025-41441 affects Mailform Pro CGI versions prior to 4.3.4. The vulnerability stems from error messages that disclose sensitive information (CWE-209), which may allow a remote unauthenticated attacker to obtain coupon codes in systems that enable the coupon feature. Impact is limited to prod...

Mailform Pro CGI generating error messages containing sensitive information

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains a vulnerability listed below. Generation of error message containing sensitive information CWE-209 - CVE-2025-41441 Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

PT-2025-22903 · Unknown · Mailform Pro Cgi

Name of the Vulnerable Software and Affected Versions: Mailform Pro CGI versions prior to 4.3.4 Description: The issue allows a remote unauthenticated attacker to obtain coupon codes due to error messages containing sensitive information. This only affects products that use the coupon feature...