21 matches found
Explainable PQC: A Layered Interpretive Framework for Post-Quantum Cryptographic Security Assumptions
This paper studies how post-quantum cryptographic PQC security assumptions can be represented and communicated through a structured, layered framework that is useful for technical interpretation but does not replace formal cryptographic proofs. We propose "Explainable PQC,'' an interdisciplinary...
UBUNTU-CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
CVE-2026-3503
Protection mechanism failure in wolfCrypt post-quantum implementations ML-KEM and ML-DSA in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during...
Benchmarking Post-Quantum Cryptography on Resource-Constrained IoT Devices: ML-KEM and ML-DSA on ARM Cortex-M0+
The migration to post-quantum cryptography is urgent for Internet of Things devices with 10-20 year lifespans, yet no systematic benchmarks exist for the finalised NIST standards on the most constrained 32-bit processor class. This paper presents the first isolated algorithm-level benchmarks of...
EUVD-2025-2139
Malicious code in bioql PyPI...
CVE-2025-1389
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-1389 Learning Digital Orca HCM - SQL Injection
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-1389 Learning Digital Orca HCM - SQL Injection
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2025-1387
Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user...
CVE-2025-1388 Learning Digital Orca HCM - Arbitrary File Upload
Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells...
CVE-2025-1388 Learning Digital Orca HCM - Arbitrary File Upload
Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells...
CVE-2025-1387 Learning Digital Orca HCM - Improper Authentication
Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user...
CVE-2025-1387 Learning Digital Orca HCM - Improper Authentication
Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user...
Learning Digital Orca HCM 代码问题漏洞
Learning Digital Orca HCM is a digital learning platform from China-based Learning Digital. A code issue vulnerability exists in Learning Digital Orca HCM, which stems from an improper implementation of the file upload functionality. An attacker can exploit the vulnerability to upload and run a W...
PT-2025-6911
Name of the Vulnerable Software and Affected Versions: Orca HCM from LEARNING DIGITAL affected versions not specified Description: The issue is related to an Improper Authentication vulnerability, allowing unauthenticated remote attackers to log in to the system as any user. Recommendations: At t...
Learning Digital Orca HCM SQL注入漏洞
Learning Digital Orca HCM is a digital learning platform from China-based Learning Digital. Learning Digital Orca HCM suffers from a SQL injection vulnerability that stems from improper handling of SQL queries. An attacker can inject arbitrary SQL commands to read, modify, or delete database...
CVE-2024-8585
Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files...
CVE-2024-8584
Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in...
CVE-2024-8584
Orca HCM from LEARNING DIGITAL has an Missing Authentication vulnerability, allowing unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in...
CVE-2024-8584
CVE-2024-8584 affects Orca HCM by LEARNING DIGITAL and is described as a Missing Authentication vulnerability that allows an unauthenticated remote attacker to create an administrator account and log in. CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8) indicates a critical imp...