Russia Is Cracking Down on End-to-End Encrypted Calls

Plus: ICE agents accidentally add a random person to a sensitive group chat, Norwegian intelligence blames the Kremlin for hacking a dam, and new facial recognition vans roam the UK...

PP-STAT: an Efficient Privacy-Preserving Statistical Analysis Framework Using Homomorphic Encryption

With the widespread adoption of cloud computing, the need for outsourcing statistical analysis to third-party platforms is growing rapidly. However, handling sensitive data such as medical records and financial information in cloud environments raises serious privacy concerns. In this paper, we...

SUSE CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

DEBIAN-CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

UBUNTU-CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

CVE-2025-24975

Firebird CVE-2025-24975 affects snapshot series prior to 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 where ExtConnPoolSize is not 0 and CryptCallback interface presence does not match, potentially causing a server segfault and exposure across encrypted and unencrypted databases. Patches exist in snapsh...

CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

CVE-2025-24975

Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...

Activate Me!: Designing Efficient Activation Functions for Privacy-Preserving Machine Learning with Fully Homomorphic Encryption

The growing adoption of machine learning in sensitive areas such as healthcare and defense introduces significant privacy and security challenges. These domains demand robust data protection, as models depend on large volumes of sensitive information for both training and inference. Fully...

Pushing the Limits of Frequency Analysis in Leakage Abuse Attacks

Searchable encryption SE is the most scalable cryptographic primitive for searching on encrypted data. Typical SE constructions often allow access-pattern leakage, revealing which encrypted records are retrieved in the server's responses. All the known generic cryptanalyses assume either that the...

PT-2025-33489 · Firebird · Firebird

Name of the Vulnerable Software and Affected Versions: Firebird versions prior to 4.0.6.3183 Firebird versions prior to 5.0.2.1610 Firebird versions prior to 6.0.0.609 Description: Firebird is a relational database. If the ExtConnPoolSize parameter is not set to 0, a server process segfault may...

Linux Distros Unpatched Vulnerability : CVE-2024-39936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make...

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...

PT-2025-33140 · Ctrlx Os · Ctrlx Os

Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: Ambiguous wording in the web interface of the setup mechanism could lead a user to believe that the backup file is encrypted when a password is set. However, only the private key – if...

EulerOS 2.0 SP13 : grub2 (EulerOS-SA-2025-1976)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.CVE-2024-49504 Tenable has extracted the preceding...

CVE-2025-54809

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Heracles: Chosen Plaintext Attack on AMD SEV-SNP

A whitepaper discussing an attack on AMD SEV-SNP called Heracles that was able to leak kernel memory, crypto keys, and user passwords, as well as demonstrate web session hijacking...