7042 matches found
Empirical Evaluation of SMOTE in Android Malware Detection with Machine Learning: Challenges and Performance in CICMalDroid 2020
Malware, malicious software designed to damage computer systems and perpetrate scams, is proliferating at an alarming rate, with thousands of new threats emerging daily. Android devices, prevalent in smartphones, smartwatches, tablets, and IoTs, represent a vast attack surface, making malware...
Evasion of IoT Malware Detection Via Dummy Code Injection
The Internet of Things IoT has revolutionized connectivity by linking billions of devices worldwide. However, this rapid expansion has also introduced severe security vulnerabilities, making IoT devices attractive targets for malware such as the Mirai botnet. Power side-channel analysis has...
ACORN-IDS: Adaptive Continual Novelty Detection for Intrusion Detection Systems
Intrusion Detection Systems IDS must maintain reliable detection performance under rapidly evolving benign traffic patterns and the continual emergence of cyberattacks, including zero-day threats with no labeled data available. However, most machine learning-based IDS approaches either assume...
Evaluating and Enhancing the Vulnerability Reasoning Capabilities of Large Language Models
Large Language Models LLMs have demonstrated remarkable proficiency in vulnerability detection. However, a critical reliability gap persists: models frequently yield correct detection verdicts based on hallucinated logic or superficial patterns that deviate from the actual root cause. This...
Moodle 安全漏洞
Moodle is an open-source e-learning software platform developed by Moodle. It is also known as a course management system, learning management system, or virtual learning environment. Versions of Moodle 5.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by...
Hallucination-Resistant Security Planning with a Large Language Model
Large language models LLMs are promising tools for supporting security management tasks, such as incident response planning. However, their unreliability and tendency to hallucinate remain significant challenges. In this paper, we address these challenges by introducing a principled framework for...
Linux-Usermode-Exploitation-101
Linux Usermode Exploitation 101 Introduction The aim of th...
GHSA-J5JV-W5CW-J9FF Moodle authentication bypass vulnerability
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
Moodle authentication bypass vulnerability
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
Improper Handling of Insufficient Permissions or Privileges
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges via the LTI Provider available to suspended users. An attacker can gain unauthorized access to the system and perform actions or access...
CVE-2025-67848
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2025-67848
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2025-67848
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
UBUNTU-CVE-2025-67848
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2025-67848
CVE-2025-67848 affects Moodle. A flaw in the LTI Provider authentication flow allows suspended users to authenticate, because the LTI authentication handlers fail to enforce the user’s suspension status. Implication: unauthorized access that could lead to information disclosure or other restricte...
CVE-2025-67848 Moodle: moodle: authentication bypass via lti provider allows suspended users to gain unauthorized access.
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2025-67848
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2025-67848 Moodle: moodle: authentication bypass via lti provider allows suspended users to gain unauthorized access.
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
EUVD-2025-206738
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability LTI Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access...
CVE-2026-1375 Tutor LMS <= 3.9.5 - Insecure Direct Object Reference to Authenticated (Instructor+) Arbitrary Course Modification and Deletion
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References IDOR in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the courselistbulkaction, bulkdeletecourse, and...