spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length

A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...

DEBIAN-CVE-2025-5878

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...

UBUNTU-CVE-2025-5878

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...

ARMOR: Robust Reinforcement Learning-Based Control for UAVs under Physical Attacks

Unmanned Aerial Vehicles UAVs depend on onboard sensors for perception, navigation, and control. However, these sensors are susceptible to physical attacks, such as GPS spoofing, that can corrupt state estimates and lead to unsafe behavior. While reinforcement learning RL offers adaptive control...

Vulnerability of the dpu_encoder_phys_init() function in the drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c module – This driver for supporting the Direct Rendering Infrastructure (DRI) of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the dpuencoderphysinit function in the drivers/gpu/drm/msm/disp/dpu1/dpuencoder.c module – The driver for supporting Direct Rendering Infrastructure DRI in Linux kernel is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability could allow...

WebGuard++: Interpretable Malicious URL Detection Via Bidirectional Fusion of HTML Subgraphs and Multi-Scale Convolutional BERT

URL+HTML feature fusion shows promise for robust malicious URL detection, since attacker artifacts persist in DOM structures. However, prior work suffers from four critical shortcomings: 1 incomplete URL modeling, failing to jointly capture lexical patterns and semantic context; 2 HTML graph...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

Shrinking the Generation-Verification Gap with Weak Verifiers

Verifiers can improve language model capabilities by scoring and ranking responses from generated candidates. Currently, high-quality verifiers are either unscalable e.g., humans or limited in utility e.g., tools like Lean. While LM judges and reward models have become broadly useful as...

CVE-2025-38044

In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecaps. Add this, otherwise the video device can't be registered you get a WARNON instead. Not seen before since currently 417 support is...

CVE-2022-50079

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 Why & How engid for DCN303 cannot be more than 1, since we have only two instances of stream encoders. Check the correct boundary condition for engine ...

SUSE CVE-2022-50182

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...

SUSE CVE-2022-50183

In the Linux kernel, the following vulnerability has been resolved: drm/meson: encodercvbs: Fix refcount leak in mesonencodercvbsinit ofgraphgetremotenode returns remote device nodepointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount...

SUSE CVE-2022-50184

In the Linux kernel, the following vulnerability has been resolved: drm/meson: encoderhdmi: Fix refcount leak in mesonencoderhdmiinit ofgraphgetremotenode returns remote device nodepointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount...

SUSE CVE-2022-50188

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in mesonencoderhdmiinit offinddevicebynode takes reference, we should use putdevice to release it when not need anymore. Add missing putdevice in error path to avoid refcount leak...

SUSE CVE-2025-38044

In the Linux kernel, the following vulnerability has been resolved: media: cx231xx: set devicecaps for 417 The videodevice for the MPEG encoder did not set devicecaps. Add this, otherwise the video device can't be registered you get a WARNON instead. Not seen before since currently 417 support is...