gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...

The ROI of DSPM: Why Data Security Posture Management Is a Business Imperative

See how Data Security Posture Management DSPM delivers measurable impact across risk reduction, compliance, and operational efficiency...

GStreamer 安全漏洞

GStreamer is a GStreamer open source set of frameworks for processing streaming media. A security vulnerability exists in GStreamer that stems from not properly validating the data length when parsing H265 slice headers, which could lead to remote code execution...

Efficient Privacy-Preserving Cross-Silo Federated Learning with Multi-Key Homomorphic Encryption

Federated Learning FL is susceptible to privacy attacks, such as data reconstruction attacks, in which a semi-honest server or a malicious client infers information about other clients' datasets from their model updates or gradients. To enhance the privacy of FL, recent studies combined Multi-Key...

Outsourced Privacy-Preserving Feature Selection Based on Fully Homomorphic Encryption

Feature selection is a technique that extracts a meaningful subset from a set of features in training data. When the training data is large-scale, appropriate feature selection enables the removal of redundant features, which can improve generalization performance, accelerate the training process...

MorphMark: Flexible Adaptive Watermarking for Large Language Models

Watermarking by altering token sampling probabilities based on red-green list is a promising method for tracing the origin of text generated by large language models LLMs. However, existing watermark methods often struggle with a fundamental dilemma: improving watermark effectiveness the...

PoLO: Proof-Of-Learning and Proof-Of-Ownership at Once with Chained Watermarking

Machine learning models are increasingly shared and outsourced, raising requirements of verifying training effort Proof-of-Learning, PoL to ensure claimed performance and establishing ownership Proof-of-Ownership, PoO for transactions. When models are trained by untrusted parties, PoL and PoO mus...

AES-RV: Hardware-Efficient RISC-V Accelerator with Low-Latency AES Instruction Extension for IoT Security

The Advanced Encryption Standard AES is a widely adopted cryptographic algorithm essential for securing embedded systems and IoT platforms. However, existing AES hardware accelerators often face limitations in performance, energy efficiency, and flexibility. This paper presents AES-RV, a...

Adversarially Robust Spiking Neural Networks with Sparse Connectivity

Deployment of deep neural networks in resource-constrained embedded systems requires innovative algorithmic solutions to facilitate their energy and memory efficiency. To further ensure the reliability of these systems against malicious actors, recent works have extensively studied adversarial...

Cape: Context-Aware Prompt Perturbation Mechanism with Differential Privacy

Large Language Models LLMs have gained significant popularity due to their remarkable capabilities in text understanding and generation. However, despite their widespread deployment in inference services such as ChatGPT, concerns about the potential leakage of sensitive user data have arisen...

Practical Ways to Improve Your Digital Efficiency

Optimizing your online productivity is more important than ever. Whether you’re a business owner, freelancer, or simply someone…...

Security, Uninterrupted: Inside Qualys’ Zero-Touch Security Vision with Qualys Cloud Agent

New Feature: Remote Log Collection for Seamless Troubleshooting and Analysis In the modern enterprise, where resilience and scale are non-negotiable, the margin for error in cybersecurity has all but disappeared. Yet the tools available to security teams remain tethered to legacy...

[SECURITY] Fedora 40 Update: nodejs22-22.15.0-2.fc40

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

Standing Firm in 5G: a Single-Round, Dropout-Resilient Secure Aggregation for Federated Learning

Federated learning FL is well-suited to 5G networks, where many mobile devices generate sensitive edge data. Secure aggregation protocols enhance privacy in FL by ensuring that individual user updates reveal no information about the underlying client data. However, the dynamic and large-scale...

Optimizing Mouse Dynamics for User Authentication by Machine Learning: Addressing Data Sufficiency, Accuracy-Practicality Trade-Off, and Model Performance Challenges

User authentication is essential to ensure secure access to computer systems, yet traditional methods face limitations in usability, cost, and security. Mouse dynamics authentication, based on the analysis of users' natural interaction behaviors with mouse devices, offers a cost-effective,...

A Contrastive Federated Semi-Supervised Learning Intrusion Detection Framework for Internet of Robotic Things

In intelligent industry, autonomous driving and other environments, the Internet of Things IoT highly integrated with robotic to form the Internet of Robotic Things IoRT. However, network intrusion to IoRT can lead to data leakage, service interruption in IoRT and even physical damage by...

Safety Analysis in the NGAC Model

We study the safety problem for the next-generation access control NGAC model. We show that under mild assumptions it is coNP-complete, and under further realistic assumptions we give an algorithm for the safety problem that significantly outperforms naive brute force search. We also show that...

Enhancing Noisy Functional Encryption for Privacy-Preserving Machine Learning

Functional encryption FE has recently attracted interest in privacy-preserving machine learning PPML for its unique ability to compute specific functions on encrypted data. A related line of work focuses on noisy FE, which ensures differential privacy in the output while keeping the data encrypte...

Sparsification under Siege: Defending against Poisoning Attacks in Communication-Efficient Federated Learning

Federated Learning FL enables collaborative model training across distributed clients while preserving data privacy, yet it faces significant challenges in communication efficiency and vulnerability to poisoning attacks. While sparsification techniques mitigate communication overhead by...

SUSE CVE-2025-3887

GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...