CVE-2025-6526 70mai M300 HTTP Server insufficiently protected credentials

A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...

CVE-2025-6526 70mai M300 HTTP Server insufficiently protected credentials

A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611. This issue affects some unknown processing of the component HTTP Server. The manipulation leads to insufficiently protected credentials. The attack can only be done within the local network. The...

CVE-2025-6524

A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...

CVE-2025-6524 70mai 1S Video Services improper authentication

A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...

CVE-2025-6524

The CVE-2025-6524 entry concerns 70mai 1S devices (up to 20250611) with a vulnerability in the Video Services component. The issue is described as an improper authentication flaw that requires access to the local network, with attack complexity rated as HIGH. Public disclosure of the exploit is n...

CVE-2025-24288

The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts most with sudo access that utilize the same default credentials. By default, Versa director exposes ssh and postgres to the internet, alongside...

Physical Layer Challenge-Response Authentication between Ambient Backscatter Devices

Ambient backscatter communication AmBC has become an integral part of ubiquitous Internet of Things IoT applications due to its energy-harvesting capabilities and ultra-low-power consumption. However, the open wireless environment exposes AmBC systems to various attacks, and existing authenticati...

CVE-2025-6493

A weakness has been identified in CodeMirror up to 5.65.20. Affected is an unknown function of the file mode/markdown/markdown.js of the component Markdown Mode. This manipulation causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-6493 CodeMirror Markdown Mode markdown.js redos

A weakness has been identified in CodeMirror up to 5.65.20. Affected is an unknown function of the file mode/markdown/markdown.js of the component Markdown Mode. This manipulation causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has bee...

CVE-2025-6493

CVE-2025-6493 affects CodeMirror (Markdown Mode) up to 5.65.20. An unknown function in file mode/markdown/markdown.js can cause inefficient regular expression complexity, enabling a remote attack. IBM/Consoles describe the vulnerability and advise upgrading the affected component to CodeMirror 6 ...

CVE-2025-6492

A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack c...

CVE-2025-6492 MarkText index.js getRecommendTitleFromMarkdownString redos

A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack c...

CVE-2025-6492 MarkText index.js getRecommendTitleFromMarkdownString redos

A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected by this vulnerability is the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular expression complexity. The attack c...

KCES: Training-Free Defense for Robust Graph Neural Networks Via Kernel Complexity

Graph Neural Networks GNNs have achieved impressive success across a wide range of graph-based tasks, yet they remain highly vulnerable to small, imperceptible perturbations and adversarial attacks. Although numerous defense methods have been proposed to address these vulnerabilities, many rely o...

Cut Tracing with E-Graphs for Boolean FHE Circuit Synthesis

Fully Homomorphic Encryption FHE is a promising privacy-preserving technology enabling secure computation over encrypted data. A major limitation of current FHE schemes is their high runtime overhead. As a result, automatic optimization of circuits describing FHE computation has garnered...

PT-2025-26569 · Marktext · Marktext

Name of the Vulnerable Software and Affected Versions: MarkText versions up to 0.17.1 Description: A vulnerability has been found in MarkText, affecting the function getRecommendTitleFromMarkdownString of the file marktext/src/main/utils/index.js. The manipulation leads to inefficient regular...

List-Decodable Byzantine Robust PIR: Lower Communication Complexity, Higher Byzantine Tolerance, Smaller List Size

Private Information Retrieval PIR is a privacy-preserving primitive in cryptography. Significant endeavors have been made to address the variant of PIR concerning the malicious servers. Among those endeavors, list-decodable Byzantine robust PIR schemes may tolerate a majority of malicious...

From Permissioned to Proof-of-Stake Consensus

This paper presents the first generic compiler that transforms any permissioned consensus protocol into a proof-of-stake permissionless consensus protocol. For each of the following properties, if the initial permissioned protocol satisfies that property in the partially synchronous setting, the...

Public-Key Quantum Authentication and Digital Signature Schemes Based on the QMA-Complete Problem

We propose a quantum authentication and digital signature protocol whose security is founded on the Quantum Merlin ArthurQMA-completeness of the consistency of local density matrices. The protocol functions as a true public-key cryptography system, where the public key is a set of local density...

Python DoS Vulnerability (Jun 2025) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...