CVE-2024-52426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through = 2.8.0...

CVE-2024-12496

The Linear plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linearblockbuycommissions' shortcode in all versions up to, and including, 2.7.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-26489

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x8664 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective address. This bug mea...

CVE-2022-46381

Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...

Adaptively Secure Distributed Broadcast Encryption with Linear-Size Public Parameters

Distributed broadcast encryption DBE is a variant of broadcast encryption BE that can efficiently transmit a message to a subset of users, in which users independently generate user private keys and user public keys instead of a central trusted authority generating user keys. In this paper, we...

CVE-2022-42710

Nice formerly Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting XSS...

CVE-2022-31499

Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256...

CVE-2010-2469

The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the device...

CVE-2019-7256

Linear eMerge E3-Series devices allow Command Injections...

CVE-2019-7255

Linear eMerge E3-Series devices allow XSS...

CVE-2019-7269

Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution...

CVE-2019-7264

Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform...

CVE-2019-7265

Linear eMerge E3-Series devices allow Remote Code Execution root access over SSH...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in olang Parse [CVE-2024-45338]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in olang Parse, caused by a flaw which allows specially crafted input that may result in extremely slow non-linear parsing CVE-2024-45338. is used in our speech utilities. This vulnerabilitiy has been addressed...

An Inversion Theorem for Buffered Linear Toeplitz (BLT) Matrices and Applications to Streaming Differential Privacy

Buffered Linear Toeplitz BLT matrices are a family of parameterized lower-triangular matrices that play an important role in streaming differential privacy with correlated noise. Our main result is a BLT inversion theorem: the inverse of a BLT matrix is itself a BLT matrix with different...

Bipartite Randomized Response Mechanism for Local Differential Privacy

With the increasing importance of data privacy, Local Differential Privacy LDP has recently become a strong measure of privacy for protecting each user's privacy from data analysts without relying on a trusted third party. In many cases, both data providers and data analysts hope to maximize the...

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems ICS advisories on April 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-114-01 Schneider Electric Modicon Controllers ICSA-25-114-02 ALBEDO Telecom Net.Time -...

Nice Linear eMerge E3

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper...

How Private Is Your Attention? Bridging Privacy with In-Context Learning

In-context learning ICL-the ability of transformer-based models to perform new tasks from examples provided at inference time-has emerged as a hallmark of modern language models. While recent works have investigated the mechanisms underlying ICL, its feasibility under formal privacy constraints...

AESHA3: Efficient and Secure Sub-Key Generation for AES Using SHA-3

Advanced Encryption Standard AES is one of the most widely used symmetric cipher for the confidentiality of data. Also it is used for other security services, viz. integrity, authentication and key establishment. However, recently, authors have shown some weakness in the generation of sub-keys in...