CVE-2026-41659

Admidio is an open-source user management solution. Prior to version 5.0.9, the member assignment DataTables endpoint membersassignmentdata.php includes hidden profile fields BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY in its SQL search condition regardless of field visibility settings. While the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001603)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001603 advisory. System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from...

kernel: information leak via transient execution vulnerability in some AMD processors

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

CVE-2025-64492

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 8.9.0 and below contain a time-based blind SQL Injection vulnerability. This vulnerability allows an authenticated attacker to infer data from the database by measuring response times,...

USN-7848-1 amd64-microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...

USN-7848-1: AMD Microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...

EUVD-2018-15519

Malware in sbrugna...

EUVD-2025-20522

Malicious code in bioql PyPI...

PT-2025-45525

Name of the Vulnerable Software and Affected Versions SuiteCRM versions 8.0.0 through 8.9.0 Description SuiteCRM is an open-source Customer Relationship Management CRM software application. A time-based blind SQL Injection flaw exists in versions 8.9.0 and below. This issue allows an authenticate...

Zero Trust + AI: Privacy in the Age of Agentic AI

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It's about trus...

kernel: information leak via transient execution vulnerability in some AMD processors

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

"Is It Always Watching? Is It Always Listening?" Exploring Contextual Privacy and Security Concerns toward Domestic Social Robots

Equipped with artificial intelligence AI and advanced sensing capabilities, social robots are gaining interest among consumers in the United States. These robots seem like a natural evolution of traditional smart home devices. However, their extensive data collection capabilities, anthropomorphic...

Entangled Threats: a Unified Kill Chain Model for Quantum Machine Learning Security

Quantum Machine Learning QML systems inherit vulnerabilities from classical machine learning while introducing new attack surfaces rooted in the physical and algorithmic layers of quantum computing. Despite a growing body of research on individual attack vectors - ranging from adversarial poisoni...

SUSE CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

ALPINE-CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

CVE-2025-3648

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

CVE-2025-3648 Data Inference in Now Platform via Conditional ACLs

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

CVE-2025-3648

The CVE-2025-3648 entry concerns the Now Platform, where data could be inferred without authorization under certain conditional ACL configurations. The vulnerability allows unauthenticated and authenticated users to use range query requests to infer instance data not meant to be accessible. Techn...

CVE-2025-3648 Data Inference in Now Platform via Conditional ACLs

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

AMD Processors 安全漏洞

AMD Processors is a processor from Ultraviolet Semiconductor AMD. AMD Processors suffers from a security vulnerability that stems from the possibility that an attacker could infer previously stored data, potentially leading to the disclosure of privileged information...