MAL-2025-18174 Malicious code in deep-dev (npm)

The package deep-dev was found to contain malicious code...

Malicious code in ug-deep-alt (npm)

The package ug-deep-alt was found to contain malicious code...

CVE-2025-50861

The CVE-2025-50861 entry affects the Lotus Cars Android App (com.lotus.carsdomestic.intl) version 1.2.8, where the exported component PushDeepLinkActivity is accessible without authentication via ADB or malicious apps. This could allow unintended access to application internals and may lead to de...

Social-Sensor Identity Cloning Detection Using Weakly Supervised Deep Forest and Cryptographic Authentication

Recent years have witnessed a rising trend in social-sensor cloud identity cloning incidents. However, existing approaches suffer from unsatisfactory performance, a lack of solutions for detecting duplicated accounts, and a lack of large-scale evaluations on real-world datasets. We introduce a...

Developing a Transferable Federated Network Intrusion Detection System

Intrusion Detection Systems IDS are a vital part of a network-connected device. In this paper, we develop a deep learning based intrusion detection system that is deployed in a distributed setup across devices connected to a network. Our aim is to better equip deep learning models against unknown...

OpenEXR code issue vulnerability (CNVD-2025-24797)

OpenEXR is a high dynamic range image file format designed for the movie industry. A null pointer dereference vulnerability exists in OpenEXR version 3.3.2 when reading a deep scanline image containing a large number of sample points in reduceMemory mode, which stems from a null pointer exception...

VeriPHY: Physical Layer Signal Authentication for Wireless Communication in 5G Environments

Physical layer authentication PLA uses inherent characteristics of the communication medium to provide secure and efficient authentication in wireless networks, bypassing the need for traditional cryptographic methods. With advancements in deep learning, PLA has become a widely adopted technique...

OpenEXR Buffer Overflow Vulnerability (CNVD-2025-24799)

OpenEXR is an open standard for high dynamic range image HDR file formats. A heap buffer overflow vulnerability exists in OpenEXR versions 3.3.0 through 3.3.2 when decompressing ZIPS-compressed deep scanline EXR files, which originates from a write operation out of bounds when processing...

Linux Distros Unpatched Vulnerability : CVE-2025-52999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a...

Medium: jackson-core

Issue Overview: jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth...

Who Got Arrested in the Raid on the XSS Crime Forum?

On July 22, 2025, the European police agency Europol said a long-running investigation led by the French Police resulted in the arrest of a 38-year-old administrator of XSS, a Russian-language cybercrime forum with more than 50,000 members. The action has triggered an ongoing frenzy of speculatio...

Intrusion Detection in Heterogeneous Networks with Domain-Adaptive Multi-Modal Learning

Network Intrusion Detection Systems NIDS play a crucial role in safeguarding network infrastructure against cyberattacks. As the prevalence and sophistication of these attacks increase, machine learning and deep neural network approaches have emerged as effective tools for enhancing NIDS...

SUSE CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...

SUSE CVE-2025-48073

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...

xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation

A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo and ProcXkbGetDeviceInfo to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...

Cursor 操作系统命令注入漏洞

Cursor is an AI code editor from Cursor open source. An operating system command injection vulnerability exists in Cursor versions 1.17 through 1.2, which stems from an information disclosure in the MCP deep link handler that could lead to arbitrary system command execution...

com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

A denial of service flaw has been discovered in Connect2id Nimbus JOSE + JWT. This issue can allow a remote attacker to cause a denial of service via a deeply nested JSON object supplied in a JWT claim set...

OESA-2025-1919 polkit security update

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. Security Fixes: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggere...

UBUNTU-CVE-2025-48073

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a...

UBUNTU-CVE-2025-48071

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files...