PT-2025-45060

Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...

Machine and Deep Learning for Indoor UWB Jammer Localization

Ultra-wideband UWB localization delivers centimeter-scale accuracy but is vulnerable to jamming attacks, creating security risks for asset tracking and intrusion detection in smart buildings. Although machine learning ML and deep learning DL methods have improved tag localization, localizing...

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device...

Penetrating the Hostile: Detecting DeFi Protocol Exploits through Cross-Contract Analysis

Decentralized finance DeFi protocols are crypto projects developed on the blockchain to manage digital assets. Attacks on DeFi have been frequent and have resulted in losses exceeding $80 billion. Current tools detect and locate possible vulnerabilities in contracts by analyzing the state changes...

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device...

CVE-2025-29270

The issue CVE-2025-29270 affects Deep Sea Electronics DSE855 devices, specifically versions 1.1.0 through 1.1.26. The vulnerability is an incorrect access control in the realtime.cgi endpoint, which can allow an attacker to access the admin panel and take full control of the device. The impact is...

MalDataGen: A Modular Framework for Synthetic Tabular Data Generation in Malware Detection

High-quality data scarcity hinders malware detection, limiting ML performance. We introduce MalDataGen, an open-source modular framework for generating high-fidelity synthetic tabular data using modular deep learning models e.g., WGAN-GP, VQ-VAE. Evaluated via dual validation TR-TS/TS-TR, seven...

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device...

CVE-2025-29270

Incorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain access to the admin panel and complete control of the device...

PT-2025-44641

Name of the Vulnerable Software and Affected Versions Deep Sea Electronics DSE855 versions 1.1.0 through 1.1.26 Description A flaw exists in access control within the realtime.cgi endpoint of Deep Sea Electronics devices. This allows attackers to access the admin panel and gain complete control o...

A DRL-Empowered Multi-Level Jamming Approach for Secure Semantic Communication

Semantic communication SemCom aims to transmit only task-relevant information, thereby improving communication efficiency but also exposing semantic information to potential eavesdropping. In this paper, we propose a deep reinforcement learning DRL-empowered multi-level jamming approach to enhanc...

Nextcloud: Improper input validation On Exported deep-link handler crashes `FileDisplayActivity` on crafted external URL — Denial-of-Service

A vulnerability was discovered in the Nextcloud Android client application where improper input validation in the exported deep-link handler caused a null dereference in the FileDisplayActivity component. This resulted in an unhandled NullPointerException and application crash when the deep-link...

EulerOS 2.0 SP13 : polkit (EulerOS-SA-2025-2274)

According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This...

Security Bulletin: vulerability in IBM Spectrum Symphony with Elasticsearch

Summary vulerability in IBM Spectrum Symphony with Elasticsearch Vulnerability Details CVEID:CVE-2024-23450 DESCRIPTION: A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. CWE:CWE-400:...

Enhancing Security in Deep Reinforcement Learning: A Comprehensive Survey on Adversarial Attacks and Defenses

With the wide application of deep reinforcement learning DRL techniques in complex fields such as autonomous driving, intelligent manufacturing, and smart healthcare, how to improve its security and robustness in dynamic and changeable environments has become a core issue in current research...

Exploring the Effect of DNN Depth on Adversarial Attacks in Network Intrusion Detection Systems

Adversarial attacks pose significant challenges to Machine Learning ML systems and especially Deep Neural Networks DNNs by subtly manipulating inputs to induce incorrect predictions. This paper investigates whether increasing the layer depth of deep neural networks affects their robustness agains...

OESA-2025-2484 poppler security update

is a PDF rendering library. Security Fixes: Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in...

Amazon Linux 2023 : polkit, polkit-devel, polkit-libs (ALAS2023-2025-1217)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1217 advisory. A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior,...

Attack-Specialized Deep Learning with Ensemble Fusion for Network Anomaly Detection

The growing scale and sophistication of cyberattacks pose critical challenges to network security, particularly in detecting diverse intrusion types within imbalanced datasets. Traditional intrusion detection systems IDS often struggle to maintain high accuracy across both frequent and rare...

Clutch Control: An Attention-Based Combinatorial Bandit for Efficient Mutation in JavaScript Engine Fuzzing

JavaScript engines are widely used in web browsers, PDF readers, and server-side applications. The rise in concern over their security has led to the development of several targeted fuzzing techniques. However, existing approaches use random selection to determine where to perform mutations in...