PT-2025-39757

Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A command injection issue exists in D-Link DIR-823X version 250416. The issue is located in the file /goform/delete offline device. Manipulation of the delvalue argument can lead to command injection...

Temporal Logic-Based Multi-Vehicle Backdoor Attacks against Offline RL Agents in End-To-End Autonomous Driving

Assessing the safety of autonomous driving AD systems against security threats, particularly backdoor attacks, is a stepping stone for real-world deployment. However, existing works mainly focus on pixel-level triggers that are impractical to deploy in the real world. We address this gap by...

MoPE: a Mixture of Password Experts for Improving Password Guessing

Textual passwords remain a predominant authentication mechanism in web security. To evaluate their strength, existing research has proposed several data-driven models across various scenarios. However, these models generally treat passwords uniformly, neglecting the structural differences among...

CVE-2025-53884

NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack offline attack where hashes of known passwords are precomputed...

CVE-2025-53884

CVE-2025-53884 concerns NeuVector, where passwords and API keys are stored using a simple, unsalted hash. The provided documents state this scheme is vulnerable to rainbow table attacks (offline hash precomputation), enabling potential credential exposure if hashes are compromised. The NVD entry ...

Linux Distros Unpatched Vulnerability : CVE-2025-39799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: perflib: Move problematic pr-performance check Commit d33bd88ac0eb ACPI:...

CTFDefense

This repository, CTFDefense, contains tools for offline CTF Capture The Flag challenges. The tools are written in Python and are designed to monitor and analyze system events. The repository includes a script called SimpleMonitor.py, which uses the pyinotify library to watch for file system event...

CVE-2025-39799

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: perflib: Move problematic pr-performance check Commit d33bd88ac0eb "ACPI: processor: perflib: Fix initial PPC limit application" added a pr-performance check that prevents the frequency QoS request from being add...

CVE-2025-39799

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-39799

CVE-2025-39799 entry is rejected/not used; not an active vulnerability.

PT-2025-37333

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw related to ACPI processor performance object handling. A check for pr-performance was added in a previous commit, which prevented frequency QoS request...

PT-2025-40069

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4-dirty 343 Description The Linux kernel contained a flaw in the sched numa find nth cpu function. This function, when used with an offline CPU mask, could lead to a null pointer dereference due to an...

A Kolmogorov-Arnold Network for Interpretable Cyberattack Detection in AGC Systems

Automatic Generation Control AGC is essential for power grid stability but remains vulnerable to stealthy cyberattacks, such as False Data Injection Attacks FDIAs, which can disturb the system's stability while evading traditional detection methods. Unlike previous works that relied on blackbox...

SUSE CVE-2025-38704

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

AZL-70754 CVE-2025-38704 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

AZL-66893 CVE-2025-38704 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

UBUNTU-CVE-2025-38704

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

CVE-2025-38704 rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's-nocbcbkthread does not exist, will be created, there is a situation where the rdp's rcuop...

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens...

CVEs

It is a...