Improper check of an invariant resulting in incorrect bounds checks

A bounds verification of a slice storage of a 2-dimensional matrix's coefficients a kernel would compare the total size against the product of individual dimensions. This would erroneously cast after the multiplication and consequently fail to detect possible violations when overflow occurs...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013797 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calclcoefs echo max of u64 to cost.model can cause divide by...

EUVD-2012-2769

Malware in sbrugna...

Two Views, One Truth: Spectral and Self-Supervised Features Fusion for Robust Speech Deepfake Detection

Recent advances in synthetic speech have made audio deepfakes increasingly realistic, posing significant security risks. Existing detection methods that rely on a single modality, either raw waveform embeddings or spectral based features, are vulnerable to non spoof disturbances and often overfit...

Deep Spatial Neural Net Models with Functional Predictors: Application in Large-Scale Crop Yield Prediction

Accurate prediction of crop yield is critical for supporting food security, agricultural planning, and economic decision-making. However, yield forecasting remains a significant challenge due to the complex and nonlinear relationships between weather variables and crop production, as well as...

Quantized Approximate Signal Processing (QASP): Towards Homomorphic Encryption for Audio

Audio and speech data are increasingly used in machine learning applications such as speech recognition, speaker identification, and mental health monitoring. However, the passive collection of this data by audio listening devices raises significant privacy concerns. Fully homomorphic encryption...

Use of a Cryptographic Primitive with a Risky Implementation

Overview PostQuantum-Feldman-VSS is a Post-Quantum Secure Feldman's Verifiable Secret Sharing VSS in Python Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation due to inadequate countermeasures in secureredundantexecution. An attacker c...

CVE-2025-29780

CVE-2025-29780 affects the Python implementation of Post-Quantum Secure Feldman's Verifiable Secret Sharing (VSS) in the feldman_vss library, version 0.8.0b2 and earlier. Connected sources describe timing side-channel vulnerabilities in matrix operations, specifically in _find_secure_pivot and po...

CVE-2025-29779 Post-Quantum Secure Feldman's Verifiable Secret Sharing has Inadequate Fault Injection Countermeasures in `secure_redundant_execution`

Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing VSS scheme. In versions 0.8.0b2 and prior, the secureredundantexecution function in feldmanvss.py attempts to mitigate fault injection attacks by executing a function...

GHSA-JP37-5QHW-MFFW Sharks has a Bias of Polynomial Coefficients in Secret Sharing

Affected versions of this crate allowed for a bias when generating random polynomials for Shamir Secret Sharing, where instead of being within the range 0, 255 they were instead in the range 1, 255. A description from Cure53, who originally found the issue, is available: The correct method to...

Sharks has a Bias of Polynomial Coefficients in Secret Sharing

Affected versions of this crate allowed for a bias when generating random polynomials for Shamir Secret Sharing, where instead of being within the range 0, 255 they were instead in the range 1, 255. A description from Cure53, who originally found the issue, is available: The correct method to...

Bias of Polynomial Coefficients in Secret Sharing

Affected versions of this crate allowed for a bias when generating random polynomials for Shamir Secret Sharing, where instead of being within the range 0, 255 they were instead in the range 1, 255. A description from Cure53, who originally found the issue, is available: The correct method to...

DEBIAN-CVE-2024-46714

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbsclsetscalerfilter if filter is null Callers can pass null in filter i.e. from returned from the function wbsclgetfiltercoeffs16p and a null check is added to ensure that is not the case. This fixes 4...

Subsequent liquidity providers will suffer from the loss of funds

Lines of code Vulnerability details Impact When adding liquidity, lpAmountOut is calculated using the formula: calcLpTokenSupplywellFunction, reserves - totalSupply. function calcLpTokenSupply Call memory wellFunction, uint256 memory reserves internal view returns uint256 lpTokenSupply...

SUSE CVE-2014-3174

modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote attackers to cause a denial of service read of...

SUSE CVE-2017-6827

Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile aka libaudiofile and Audio File Library 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file...

SUSE CVE-2017-6837

WAVE.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via vectors related to a large number of coefficients...

jpeg-quantsmooth 安全漏洞

jpeg-quantsmooth is a quantization coefficient-based JPEG artifact removal by the individual developer Ilya Kurdyukov in Russia. A security vulnerability exists in jpeg-quantsmooth in versions prior to commit 8879454, which stems from a floating point exception in /jpeg-quantsmooth/jpegqs+0x4f5d6...

OSV-2020-1502 Use-of-uninitialized-value in void add_residual_fallback<unsigned short>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22810 Crash type: Use-of-uninitialized-value Crash state: void addresidualfallback void accelerationfunctions::addresidual void scalecoefficientsinternal...

DEBIAN-CVE-2017-6837

WAVE.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via vectors related to a large number of coefficients...