Lucene search
K

5468 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:20 a.m.8 views

CVE-2010-4764

Open Ticket Request System OTRS before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys, which makes it easier for remote attackers to spoof e-mail communication by leveraging a key that has a revocation...

5CVSS6.9AI score0.01466EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.3 views

When Safety Detectors Aren'T Enough: a Stealthy and Effective Jailbreak Attack on LLMs Via Steganographic Techniques

Jailbreak attacks pose a serious threat to large language models LLMs by bypassing built-in safety mechanisms and leading to harmful outputs. Studying these attacks is crucial for identifying vulnerabilities and improving model security. This paper presents a systematic survey of jailbreak method...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.5 views

Interpretable Anomaly Detection in Encrypted Traffic Using SHAP with Machine Learning Models

The widespread adoption of encrypted communication protocols such as HTTPS and TLS has enhanced data privacy but also rendered traditional anomaly detection techniques less effective, as they often rely on inspecting unencrypted payloads. This study aims to develop an interpretable machine...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/21 9:49 p.m.7 views

CVE-2006-5912

Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords...

10CVSS7AI score0.0162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:24 p.m.8 views

CVE-1999-0429

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference...

7.5CVSS6.9AI score0.01371EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/21 8:33 a.m.5 views

ibm-semeru: IBM Semeru Runtime denial of service

A flaw was found in IBM Semeru Runtime. This vulnerability allows a denial of service via a crafted AES/CBC encrypted input...

7.5CVSS5.7AI score0.00219EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/05/21 12:0 a.m.2 views

Pura: an Efficient Privacy-Preserving Solution for Face Recognition

Face recognition is an effective technology for identifying a target person by facial images. However, sensitive facial images raises privacy concerns. Although privacy-preserving face recognition is one of potential solutions, this solution neither fully addresses the privacy concerns nor is...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/05/21 12:0 a.m.7 views

Fedora 41 : perl-Mojolicious (2025-c38fd06bec)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-c38fd06bec advisory. Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by...

8.1CVSS6.6AI score0.00441EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2025/05/20 1:7 a.m.2 views

SUSE CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS7.2AI score0.00141EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/05/20 12:0 a.m.5 views

PT-2025-22117 · Salesforce · Omnis Studio

Name of the Vulnerable Software and Affected Versions: Salesforce OmniStudio versions prior to Spring 2025 Description: The issue is related to an Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper, which allows the exposure of encrypted data. Recommendations:...

7.5CVSS9.2AI score0.0041EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2025/05/19 9:54 p.m.21 views

OpenPGP.js's message signature verification can be spoofed

Impact A maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result while returning data that was not actually signed. This flaw allows signature verifications of inline non-detached signed messag...

8.7CVSS6.6AI score0.00642EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/05/19 9:54 p.m.1 views

GHSA-8QFF-QR5Q-5PR8 OpenPGP.js's message signature verification can be spoofed

Impact A maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result while returning data that was not actually signed. This flaw allows signature verifications of inline non-detached signed messag...

8.7CVSS5.8AI score0.00642EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/05/19 6:57 p.m.11 views

CVE-2025-47934 OpenPGP.js's message signature verification can be spoofed

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result...

8.7CVSS6.2AI score0.00642EPSS
Exploits0References5
CVE
CVE
added 2025/05/19 6:57 p.m.237 views

CVE-2025-47934

OpenPGP.js CVE-2025-47934 affects versions prior to 5.11.3 and 6.1.1, where a maliciously modified message can cause openpgp.verify or openpgp.decrypt to return a valid signature verification while the data may not have been signed. This affects inline-signed messages and signed-and-encrypted mes...

8.7CVSS6.2AI score0.00642EPSS
Exploits0References5
OSV
OSV
added 2025/05/19 6:57 p.m.7 views

CVE-2025-47934 OpenPGP.js's message signature verification can be spoofed

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result...

8.7CVSS8.5AI score0.00642EPSS
Exploits0References7
Citrix
Citrix
added 2025/05/19 12:0 a.m.9 views

Update NetScaler Console certificate

NetScaler Console allows you to replace the default inbuilt database certificates with your own certificates from a trusted certificate authority. You can also configure your own cipher suites in the NetScaler Console database. This feature provides greater flexibility and security for your...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/17 12:0 a.m.3 views

Privacy-Preserving AI for Encrypted Medical Imaging: a Framework for Secure Diagnosis and Learning

The rapid integration of Artificial Intelligence AI into medical diagnostics has raised pressing concerns about patient privacy, especially when sensitive imaging data must be transferred, stored, or processed. In this paper, we propose a novel framework for privacy-preserving diagnostic inferenc...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-23069 · Fortinet · Fortiportal

Name of the Vulnerable Software and Affected Versions: Fortinet FortiPortal versions 7.0.0 through 7.0.9 Fortinet FortiPortal versions 7.2.0 through 7.2.5 Fortinet FortiPortal version 7.4.0 Description: The issue allows an authenticated attacker with at least read-only admin permissions to view...

2.7CVSS5.7AI score0.00209EPSS
Exploits0References7
Packet Storm News
Packet Storm News
added 2025/05/12 12:0 a.m.6 views

Private LoRA Fine-Tuning of Open-Source LLMs with Homomorphic Encryption

Preserving data confidentiality during the fine-tuning of open-source Large Language Models LLMs is crucial for sensitive applications. This work introduces an interactive protocol adapting the Low-Rank Adaptation LoRA technique for private fine-tuning. Homomorphic Encryption HE protects the...

6.9AI score
Exploits0
CNNVD
CNNVD
added 2025/05/12 12:0 a.m.3 views

ARTEC EMA Mail 安全漏洞

ARTEC EMA Mail is an enterprise-class encrypted mail system from ARTEC. A security vulnerability exists in ARTEC EMA Mail version 6.92 that stems from vulnerability to cross-site request forgery attacks...

8.8CVSS6.7AI score0.0023EPSS
Exploits0References3
Rows per page
Query Builder