938 matches found
A Study on Mixup-Inspired Augmentation Methods for Software Vulnerability Detection
Various deep learning (DL) methods have recently been utilized to detect software vulnerabilities. Real-world software vulnerability datasets are rare and hard to acquire, as there is no simple metric for classifying vulnerability. Such datasets are heavily imbalanced, and none of the current...
CVE-2025-2986 IBM Maximo Asset Management cross-site scripting
IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
TSCL: Multi-Party Loss Balancing Scheme for Deep Learning Image Steganography Based on Curriculum Learning
For deep learning-based image steganography frameworks, in order to ensure the invisibility and recoverability of the information embedding, the loss function usually contains several losses such as embedding loss, recovery loss and steganalysis loss. In previous research works, fixed loss weight...
Cluster-Aware Attacks on Graph Watermarks
Data from domains such as social networks, healthcare, finance, and cybersecurity can be represented as graph-structured information. Given the sensitive nature of this data and their frequent distribution among collaborators, ensuring secure and attributable sharing is essential. Graph...
Provable Secure Steganography Based on Adaptive Dynamic Sampling
The security of private communication is increasingly at risk due to widespread surveillance. Steganography, a technique for embedding secret messages within innocuous carriers, enables covert communication over monitored channels. Provably Secure Steganography (PSS) is state of the art for making...
CVE-2022-43850 IBM Aspera Console cross-site scripting
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
BIT-JOOMLA-2022-23801 [20220309] - Core - XSS attack vector through SVG
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS attack vector through SVG embedding in com_media...
PT-2025-14520 · IBM · IBM TXSeries for Multiplatforms
Name of the Vulnerable Software and Affected Versions: IBM TXSeries for Multiplatforms versions 9.1 through 11.1 Description: The issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials...
CVE-2025-27609
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on...
CVE-2025-27406
Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act...
CVE-2025-27609
Icinga Web 2 contains a reflected XSS vulnerability (CVE-2025-27609) in versions prior to 2.11.5 and 2.12.13, allowing an attacker to craft a request that injects JavaScript and acts on behalf of the user. OpenSUSE, SUSE and other feeds document ongoing fixes; migration paths include upgrading to ...
CVE-2025-27406 Icinga Reporting Stored XSS leads to SSRF
Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act...
CVE-2025-27404
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...
CVE-2025-27405
Icinga Web 2 contains a cross-site scripting vulnerability (CVE-2025-27405) where an attacker can craft a URL that, when visited by a user, can embed arbitrary JavaScript and act on behalf of that user. Affected versions are prior to 2.11.5 and 2.12.13; the issue is fixed in 2.11.5 and 2.12.3. As...
CVE-2025-27405 Icinga Web 2 has XSS in embedded content
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...
CVE-2025-27405
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...
CVE-2025-27404 Icinga Web 2 DOM-based XSS vulnerability
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...