42 matches found
NCMD: Benign-Anchored Feature Selection for Imbalanced Network Intrusion Detection
Feature selection is critical for network intrusion detection systems NIDS operating under high-dimensional, highly imbalanced traffic, as found in operational and defense networks. Traditional filter methods rank features using global statistics computed symmetrically across classes and thus fai...
CVE-2021-4479 Dräger Atlan A350 1.00 <= 1.01 DoS via Medibus Interface
Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload...
CVE-2026-34760
A flaw was found in Librosa, a software library used by artificial intelligence AI models like vLLM for processing audio. The library's method for converting stereo audio to mono differs from international standards, causing AI models to interpret audio differently than humans. This inconsistency...
From Component Manipulation to System Compromise: Understanding and Detecting Malicious MCP Servers
The model context protocol MCP standardizes how LLMs connect to external tools and data sources, enabling faster integration but introducing new attack vectors. Despite the growing adoption of MCP, existing MCP security studies classify attacks by their observable effects, obscuring how attacks...
Secure Reinforcement Learning: On Model-Free Detection of Man in the Middle Attacks
We consider the problem of learning-based man-in-the-middle MITM attacks in cyber-physical systems CPS, and extend our previously proposed Bellman Deviation Detection BDD framework for model-free reinforcement learning RL. We refine the standard MDP attack model by allowing the reward function to...
Experimental Evaluation of Security Attacks on Self-Driving Car Platforms
Deep learning-based perception pipelines in autonomous ground vehicles are vulnerable to both adversarial manipulation and network-layer disruption. We present a systematic, on-hardware experimental evaluation of five attack classes: FGSM, PGD, man-in-the-middle MitM, denial-of-service DoS, and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in the functionstatshow function. Check whether the denominator expression x x - 1 1000 mod 2^32, 2^64 results in zero, and skip the calculation of stddev in such cases. For now, don’t wor...
Quantum Machine Learning Approaches for Coordinated Stealth Attack Detection in Distributed Generation Systems
Coordinated stealth attacks are a serious cybersecurity threat to distributed generation systems because they modify control and measurement signals while remaining close to normal behavior, making them difficult to detect using standard intrusion detection methods. This study investigates quantu...
Binary and Multiclass Cyberattack Classification on GeNIS Dataset
The integration of Artificial Intelligence AI in Network Intrusion Detection Systems NIDS is a promising approach to tackle the increasing sophistication of cyberattacks. However, since Machine Learning ML and Deep Learning DL models rely heavily on the quality of their training data, the lack of...
Perfect Message Authentication Codes Are Robust to Small Deviations from Uniform Key Distributions
We investigate the impact of possible deviations of the probability distribution of key values from a uniform distribution for the information-theoretic strong, or perfect, message authentication code. We found a simple expression for the decrease in security as a function of the statistical...
Optimal Planning for Enhancing the Resilience of Modern Distribution Systems against Cyberattacks
The increasing integration of IoT-connected devices in smart grids has introduced new vulnerabilities at the distribution level. Of particular concern is the potential for cyberattacks that exploit high-wattage IoT devices, such as EV chargers, to manipulate local demand and destabilize the grid...
CVE-2025-53359 ethereum does not check transaction malleability for EIP-2930, EIP-1559 and EIP-7702 transactions
ethereum is a common ethereum structs for Rust. Prior to ethereum crate v0.18.0, signature malleability according to EIP-2 was only checked for "legacy" transactions, but not for EIP-2930, EIP-1559 and EIP-7702 transactions. This is a specification deviation. The signature malleability itself is...
SUSE CVE-2025-21898
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in functionstatshow Check whether denominator expression x x - 1 1000 mod 2^32, 2^64 produce zero and skip stddev computation in that case. For now don't care about rec-counter rec-counter...
CVE-2025-21898
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in functionstatshow Check whether denominator expression x x - 1 1000 mod 2^32, 2^64 produce zero and skip stddev computation in that case. For now don't care about rec-counter rec-counter...
DEBIAN-CVE-2025-21898
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in functionstatshow Check whether denominator expression x x - 1 1000 mod 2^32, 2^64 produce zero and skip stddev computation in that case. For now don't care about rec-counter rec-counter...
CVE-2025-21898 ftrace: Avoid potential division by zero in function_stat_show()
In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in functionstatshow Check whether denominator expression x x - 1 1000 mod 2^32, 2^64 produce zero and skip stddev computation in that case. For now don't care about rec-counter rec-counter...
PT-2025-4296 · Vyper · Vyper
Name of the Vulnerable Software and Affected Versions: Vyper versions 0.2.0 through 0.4.0 Description: The Vyper Compiler has a vulnerability when using the precompiles EcRecover 0x1 and Identity 0x4, where the success flag of the call is not checked. This allows an attacker to provide a specific...
Meaning of deviation parameter under NetScaler monitor setting
This article explains the function of deviation parameter under NetScaler monitor setting...
Upgraded Q -> 3 from #534 [1702060375162]
Judge has assessed an item in Issue 534 as 3 risk. The relevant finding follows: L-03 Consider use stETH/UDS oracle Issue Description: The sponsor has confirmed their choice of Chainlink as an oracle to fetch prices. Since all other LST price feeds are 18 decimal places, they will most likely use...
Intrinsic arbitrage between assets due to price feed deviation threshold
Lines of code Vulnerability details Impact Withdrawals have not yet been implemented but I assume it will be implemented in the usual way such that the fraction of total supply of rsETH a user redeems gives him an equal fraction of total assets held, i.e. received = sharesToRedeem totalAssets /...