245 matches found
kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...
CVE-2025-58871
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
CVE-2025-58871 WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
CVE-2025-58871 WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luis Rock Master Paper Collapse Toggle master-paper-collapse-toggle allows Stored XSS.This issue affects Master Paper Collapse Toggle: from n/a through = 1.1...
WordPress Master Paper Collapse Toggle Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin Master Paper Collapse Toggle versions = 1.1...
WordPress plugin Master Paper Collapse Toggle 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-36210
Name of the Vulnerable Software and Affected Versions: Luis Rock Master Paper Collapse Toggle versions through 1.1 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting XSS. Recommendations: Update to ...
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute
...
Extending the OWASP Multi-Agentic System Threat Modeling Guide: Insights from Multi-Agent Security Research
We propose an extension to the OWASP Multi-Agentic System MAS Threat Modeling Guide, translating recent anticipatory research in multi-agent security MASEC into practical guidance for addressing challenges unique to large language model LLM-driven multi-agent architectures. Although OWASP's...
kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...
Linux Distros Unpatched Vulnerability : CVE-2022-49778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for non-leaf pmd/pud The page table check trigger BUGON...
On One-Shot Signatures, Quantum Vs Classical Binding, and Obfuscating Permutations
One-shot signatures OSS were defined by Amos, Georgiou, Kiayias, and Zhandry STOC'20. These allow for signing exactly one message, after which the signing key self-destructs, preventing a second message from ever being signed. While such an object is impossible classically, Amos et al observe tha...
CLSA-2025-1751916475 kernel: Fix of 10 CVEs
udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 - bpf: Prevent tail call between progs attached to different hooks CVE-2024-50063 - nfsd: fix possible badness in FREESTATEID CVE-2024-50043 - nfsd: prevent panic for nfsv4.0 closed files in nfs4showopen CVE-2024-46682...
CVE-2025-38085 mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...
Doppelgänger Method: Breaking Role Consistency in LLM Agent via Prompt-based Transferable Adversarial Attack
Since the advent of large language models, prompt engineering now enables the rapid, low-effort creation of diverse autonomous agents that are already in widespread use. Yet this convenience raises urgent concerns about the safety, robustness, and behavioral consistency of the underlying prompts,...
The vulnerability of the mm/MADV_COLLAPSE components of the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the mm/MADVCOLLAPSE component in the Linux operating system is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure...
CVE-2023-40669
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in twinpictures, baden03 Collapse-O-Matic plugin = 1.8.5.5 versions...
CVE-2023-7030
The Collapse-O-Matic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'expand' shortcode in all versions up to, and including, 1.8.5.5 due to insufficient input sanitization and output escaping on the 'tag' user supplied attribute. This makes it possible for...
CVE-2022-4475
The Collapse-O-Matic WordPress plugin before 1.8.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CTRAP: Embedding Collapse Trap to Safeguard Large Language Models from Harmful Fine-Tuning
Fine-tuning-as-a-service, while commercially successful for Large Language Model LLM providers, exposes models to harmful fine-tuning attacks. As a widely explored defense paradigm against such attacks, unlearning attempts to remove malicious knowledge from LLMs, thereby essentially preventing th...