5467 matches found
K000152602: Multiple Moby vulnerabilities
Security Advisory Description CVE-2023-28840 Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is common...
The vulnerability of the “Tekon” SCADA system, which stems from the use of strictly encrypted account data, allows a intruder to enhance their privileges and execute arbitrary codes.
The vulnerability of the “Tekon” SCADA system is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow a malicious actor to increase their privileges and execute arbitrary codes remotely...
DVFS: a Dynamic Verifiable Fuzzy Search Service for Encrypted Cloud Data
Cloud storage introduces critical privacy challenges for encrypted data retrieval, where fuzzy multi-keyword search enables approximate matching while preserving data confidentiality. Existing solutions face fundamental trade-offs between security and efficiency: linear-search mechanisms provide...
DESIGN: Encrypted GNN Inference Via Server-Side Input Graph Pruning
Graph Neural Networks GNNs have achieved state-of-the-art performance in various graph-based learning tasks. However, enabling privacy-preserving GNNs in encrypted domains, such as under Fully Homomorphic Encryption FHE, typically incurs substantial computational overhead, rendering real-time and...
Secure and Efficient UAV-Based Face Detection Via Homomorphic Encryption and Edge Computing
This paper aims to propose a novel machine learning ML approach incorporating Homomorphic Encryption HE to address privacy limitations in Unmanned Aerial Vehicles UAV-based face detection. Due to challenges related to distance, altitude, and face orientation, high-resolution imagery and...
The vulnerability of the ColdFusion software platform, which stems from the use of strictly encrypted user credentials, allows attackers to escalate their privileges.
The vulnerability of the ColdFusion software platform is related to the use of strictly encrypted user credentials. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
CVE-2025-53861
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks allowing attackers to read transmitted data...
EinHops: Einsum Notation for Expressive Homomorphic Operations on RNS-CKKS Tensors
Fully Homomorphic Encryption FHE is an encryption scheme that allows for computation to be performed directly on encrypted data, effectively closing the loop on secure and outsourced computing. Data is encrypted not only during rest and transit, but also during processing. However, FHE provides a...
ConnectWise PSA 安全漏洞
ConnectWise PSA is a specialized service automation software from ConnectWise USA. A security vulnerability exists in ConnectWise PSA versions prior to 2025.9 that stems from the API returning too much user information, which could lead to an authenticated user obtaining an encrypted password has...
CVE-2024-49784
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values...
CVE-2024-49783
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...
CVE-2024-49783
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability t...
CVE-2024-49783
IBM OpenPages with Watson 8.3 and 9.0 are affected by CVE-2024-49783, which describes weaker-than-expected encryption data storage. An authenticated remote attacker with database access or a local attacker with server-file access could extract encrypted data and potentially apply additional crypt...
CVE-2024-49784 IBM OpenPages with Watson information disclosure
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values...
CVE-2025-48804 Windows BitLocker Security Feature Bypass Vulnerability
...
PT-2025-28549
Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. This issue raises...
PT-2025-28654 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue provides weaker than expected security in the storage of encrypted data. An authenticated remote attacker with access to the database or a local attacker with access to...
SharPyShell
SharPyShell SharPyShell is a tiny and obfuscated ASP.NET webshell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C web applications that runs on .NET Framework = 2.0VB is not supported atm. Usage python3 SharPyShell.py genera...
SUSE CVE-2025-38223
In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUGON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...
SUSE CVE-2025-48494
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. When using end-to-end encryption, a stored cross-site scripting vulnerability can be exploited by uploading a file with JavaScript code embedded in the filename. After upload and every time someone opens...