RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks

Reasoning-capable large language models can be induced to spend their generation budget on injected decoy tasks rather than answering the user's question, causing denial of service when no final answer is produced and denial of wallet when excess output tokens are billed. Input-side safety...

Astra Linux – Vulnerability in ffmpeg

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from an assertion failure in src/libavutil/mathematics.c...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flight-math (=0.5.3)

@squawk/flight-math NPM version =0.5.3 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/flight-math and may be impacted: - @squawk/mcp =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFLIGHTMATH-16640879...

EUVD-2024-26014

Malicious code in bioql PyPI...

A mutation XSS affects users calling bleach.clean with all of: svg or math in the allowed tags p or br in allowed tags style, title, noscript, script, textarea, noframes, iframe, or xmp in allowed tags the keyword argument strip_comments=False Note: none of the above tags are in the default allowed tags and strip_comments defaults to True.

...

Linux Distros Unpatched Vulnerability : CVE-2020-6816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False...

CVE-2021-38291

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...

System Prompt Poisoning: Persistent Attacks on Large Language Models beyond User Injection

Large language models LLMs have gained widespread adoption across diverse applications due to their impressive generative capabilities. Their plug-and-play nature enables both developers and end users to interact with these models through simple prompts. However, as LLMs become more integrated in...

Fedora: Security Advisory for vecmath1.2 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: vecmath1.2-1.14-36.fc40

This is an unofficial implementation java source code of the javax.vecmath package specified in the JavaTM 3D API 1.2 . The package includes classes for 3-space vector/point, 4-space vector, 4x4, 3x3 matrix, quaternion, axis-angle combination and etc. which are often utilized for computer graphic...

[SECURITY] Fedora 40 Update: apache-commons-math-3.6.1-18.fc40

Commons Math is a library of lightweight, self-contained mathematics and statistics components addressing the most common problems not available in the Java programming language or Commons Lang...

A Celebrated Cryptography-Breaking Algorithm Just Got an Upgrade

Two researchers have improved a well-known technique for lattice basis reduction, opening up new avenues for practical experiments in cryptography and mathematics...

The vulnerability in the `src/libavutil/mathematics.c` component of the FFmpeg multimedia library allows a attacker to cause a service failure.

The vulnerability in the src/libavutil/mathematics.c file of the FFmpeg multimedia library is related to the insufficient use of the assert function. Exploiting this vulnerability allows a remote attacker to cause a service failure...

jointmathematicsmeetings.org Cross Site Scripting vulnerability OBB-2846445

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Malicious code in com.unity.mathematics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37257a794ebf3ec16e0c1275dd7c56266fcb80b851ef6fa344a7b4b380676bcb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-2066 Malicious code in com.unity.mathematics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37257a794ebf3ec16e0c1275dd7c56266fcb80b851ef6fa344a7b4b380676bcb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. A security vulnerability exists in FFmpeg, which originates from an assertion failure at src/libavutil/mathematics.c. The vulnerability is caused by the use of the following code:...

CVE-2021-38291

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...

CVE-2021-38291

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...

CVE-2021-38291

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from a an assertion failure at src/libavutil/mathematics.c...