Lucene search
K

202 matches found

Snyk
Snyk
added 2025/07/26 3:32 a.m.2 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the gethistogram function when processing a specially crafted TIFF file. An attacker can cause memory corruption, causing a denial of service and potentially impacting confidentiality and integrity, by supplying a...

7.8CVSS5.2AI score0.00238EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/07/26 12:0 a.m.3 views

LibTIFF 资源管理错误漏洞

LibTIFF is a LibTIFF open source library for reading and writing TIFF Tagged Image File Format files. The library contains some command line tools for working with TIFF files. A resource management error vulnerability exists in LibTIFF version 4.7.0 and earlier, which stems from the existence of...

7.8CVSS5.8AI score0.00238EPSS
Exploits1References7
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.4 views

A Dual-Layer Image Encryption Framework Using Chaotic AES with Dynamic S-Boxes and Steganographic QR Codes

This paper presents a robust image encryption and key distribution framework that integrates an enhanced AES-128 algorithm with chaos theory and advanced steganographic techniques for dual-layer security. The encryption engine features a dynamic ShiftRows operation controlled by a logistic map,...

6.8AI score
Exploits0
CVE
CVE
added 2025/06/18 11:2 a.m.27 views

CVE-2022-50075

The CVE-2022-50075 entry concerns Linux kernel tracing/eprobes. A NULL pointer dereference can occur when a symbol "@" is used with an event probe, because eprobes previously did not handle data sources beyond main registers (e.g., immediate addresses, symbols, current task name). The issue is mi...

5.5CVSS6.4AI score0.00154EPSS
Exploits0References3Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/05 12:0 a.m.6 views

Urania: Differentially Private Insights into AI Use

We introduce $Urania$, a novel framework for generating insights about LLM chatbot interactions with rigorous differential privacy DP guarantees. The framework employs a private clustering mechanism and innovative keyword extraction methods, including frequency-based, TF-IDF-based, and LLM-guided...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/28 12:0 a.m.4 views

Private Rate-Constrained Optimization with Applications to Fair Learning

Many problems in trustworthy ML can be formulated as minimization of the model error under constraints on the prediction rates of the model for suitably-chosen marginals, including most group fairness constraints demographic parity, equality of odds, etc.. In this work, we study such constrained...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/13 12:0 a.m.6 views

Robustness Analysis against Adversarial Patch Attacks in Fully Unmanned Stores

The advent of convenient and efficient fully unmanned stores equipped with artificial intelligence-based automated checkout systems marks a new era in retail. However, these systems have inherent artificial intelligence security vulnerabilities, which are exploited via adversarial patch attacks,...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/04 5:21 p.m.15 views

CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.9AI score0.00164EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/05/03 2:50 a.m.2 views

SUSE CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.3AI score0.00164EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2025/05/02 4:15 p.m.5 views

CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/05/02 4:15 p.m.12 views

CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS0.00164EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 4:15 p.m.1 views

DEBIAN-CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS5.6AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2025/05/02 4:15 p.m.2 views

UBUNTU-CVE-2023-53093

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.13 views

CVE-2023-53093 tracing: Do not let histogram values have some modifiers

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

0.00164EPSS
Exploits0References3
OSV
OSV
added 2025/05/02 3:55 p.m.9 views

CVE-2023-53093 tracing: Do not let histogram values have some modifiers

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not let histogram values have some modifiers Histogram values can not be strings, stacktraces, graphs, symbols, syscalls, or grouped in buckets or log. Give an error if a value is set to do so. Note, the histogram cod...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References6
CVE
CVE
added 2025/05/02 3:55 p.m.90 views

CVE-2023-53093

CVE-2023-53093 affects the Linux kernel tracing subsystem, where histogram values are not allowed to use certain modifiers. The root cause is that histogram code was not prepared to handle modifiers for histograms, leading to a NULL pointer dereference and kernel oops when printing histograms via...

5.5CVSS6.5AI score0.00164EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.10 views

PT-2025-18857

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A bug in the Linux kernel's histogram code allowed histogram values to have certain modifiers, which caused a bug. The issue occurred when attempting to set a histogram value to a...

7.8CVSS6.8AI score0.0019EPSS
Exploits0References459
CNNVD
CNNVD
added 2025/05/02 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from histogram values not allowing certain modifiers...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/04/02 1:29 p.m.3 views

SUSE CVE-2025-21899

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix bad hist from corrupting namedtriggers list The following commands causes a crash: cd /sys/kernel/tracing/events/rcu/rcucallback echo 'hist:name=bad:keys=commonpid:onmaxbogus.savecommonpid' trigger bash: echo: write...

5.5CVSS7.7AI score0.00189EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2025/03/28 3:38 a.m.4 views

SUSE CVE-2023-53005

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: add check for return value of 'createhistfield' Function 'createhistfield' is called recursively at traceeventshist.c:1954 and can return NULL-value that's why we have to check it to avoid null pointer dereferenc...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References7
Rows per page
Query Builder