14 matches found
Insights into Security-Related AI-Generated Pull Requests
Recent years have experienced growing contributions of AI coding agents that assist human developers in various software engineering tasks. However, this growing AI-assisted autonomy raises questions about security and trust. In this paper, we analyze more than 33,000 AI-generated pull requests P...
Secure One-Sided Device-Independent Quantum Key Distribution under Collective Attacks with Enhanced Robustness
We study the security of a quantum key distribution QKD protocol under the one-sided device-independent 1sDI setting, which assumes trust in only one party's measurement device. This approach effectively provides a balance between the experimental viability of device-dependent DD-QKD and the...
CVE-2025-53539
FastAPI Guard is a security library for FastAPI that provides middleware to control IPs, log requests, and detect penetration attempts. fastapi-guard's penetration attempts detection uses regex to scan incoming requests. However, some of the regex patterns used in detection are extremely...
Unraveling Ethereum'S Mempool: the Impact of Fee Fairness, Transaction Prioritization, and Consensus Efficiency
Ethereum's transaction pool mempool dynamics and fee market efficiency critically affect transaction inclusion, validator workload, and overall network performance. This research empirically analyzes gas price variations, mempool clearance rates, and block finalization times in Ethereum's...
SUSE-SU-2025:0235-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 January 2025 CPU Security fixes: - CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: - JDK-8224624: Inefficiencies in CodeStrings::addcomment cause - timeouts - JDK-822504...
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them
In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and...
FreeBSD : powerdns-recursor -- denial of service (8727b513-855b-11ef-9e50-6805ca2fa271)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8727b513-855b-11ef-9e50-6805ca2fa271 advisory. PowerDNS Team reports: PowerDNS Security Advisory 2024-04: Crafted responses can lead to a denial of...
CVE-2024-25590 Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service...
CVE-2024-25590 Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor
An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service...
powerdns-recursor -- denial of service
PowerDNS Team reports: PowerDNS Security Advisory 2024-04: Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor...
How to address inefficiencies of using multiple cybersecurity systems
By Uzair Amir Much has changed in the field of cybersecurity after decades of evolving. Before, having an antivirus was considered adequate. Then came next-generation antivirus. This is a post from HackRead.com Read the original post: How to address inefficiencies of using multiple cybersecurity...
Design/Logic Flaw
A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services WAAS Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition on an affected device. The vulnerability is due to certain file-handling inefficiencies of the affected...
Cisco Wide Area Application Services Denial-of-Service Vulnerability
A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services WAAS Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service DoS condition on an affected device. The vulnerability is due to certain file-handling inefficiencies of the affected...
tomcat -- Denial of Service
The Tomcat security team reports: Analysis of the recent hash collision vulnerability identified unrelated inefficiencies with Apache Tomcat's handling of large numbers of parameters and parameter values. These inefficiencies could allow an attacker, via a specially crafted request, to cause larg...