Effect of Phase Shift Errors on the Security of UAV-Assisted STAR-RIS IoT Networks

Unmanned aerial vehicles UAV-mounted simultaneous transmitting and reflecting reconfigurable intelligent surface STAR-RIS systems can provide full-dimensional coverage and flexible deployment opportunities in future 6G-enabled IoT networks. However, practical imperfections such as jittering and...

PT-2025-33515 · Z2D · Z2D

Name of the Vulnerable Software and Affected Versions: z2d versions 0.7.0 Description: z2d is a pure Zig 2D graphics library. A new multi-sample anti-aliasing MSAA method introduced in version 0.7.0 uses a new buffering mechanism for storing coverage data. Incorrect bounding under certain...

CVE-2025-8675

Server-Side Request Forgery SSRF vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6...

WordPress plugin AI Tools 安全漏洞

WordPress AI Tools plugin is a WordPress plugin based on Artificial Intelligence technology, which is mainly used to optimize website content generation, automate task processing and improve website performance. WordPress AI Tools plugin suffers from a lack of authorization vulnerability, no...

Can Multi-Modal (Reasoning) LLMs Detect Document Manipulation?

Document fraud poses a significant threat to industries reliant on secure and verifiable documentation, necessitating robust detection mechanisms. This study investigates the efficacy of state-of-the-art multi-modal large language models LLMs-including OpenAI O1, OpenAI 4o, Gemini Flash thinking,...

Enhancing GraphQL Security by Detecting Malicious Queries Using Large Language Models, Sentence Transformers, and Convolutional Neural Networks

GraphQL's flexibility, while beneficial for efficient data fetching, introduces unique security vulnerabilities that traditional API security mechanisms often fail to address. Malicious GraphQL queries can exploit the language's dynamic nature, leading to denial-of-service attacks, data...

HEIR: a Universal Compiler for Homomorphic Encryption

This work presents Homomorphic Encryption Intermediate Representation HEIR, a unified approach to building homomorphic encryption HE compilers. HEIR aims to support all mainstream techniques in homomorphic encryption, integrate with all major software libraries and hardware accelerators, and...

Intel Connectivity Performance Suite 安全漏洞

Intel Connectivity Performance Suite is a network optimization software solution from Intel, with key features that include automatically optimizing a computer's network connectivity performance and prioritizing critical applications based on user needs. A competitive condition vulnerability exis...

IBM Engineering Lifecycle Optimization Publishing Cross-Site Scripting Vulnerability

IBM Engineering Lifecycle Optimization Publishing is an automated document generation solution from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Engineering Lifecycle Optimization Publishing versions 7.0.2 and 7.03 that originates from an unvalidated URI...

Enhancing Privacy in Decentralized Min-Max Optimization: a Differentially Private Approach

Decentralized min-max optimization allows multi-agent systems to collaboratively solve global min-max optimization problems by facilitating the exchange of model updates among neighboring agents, eliminating the need for a central server. However, sharing model updates in such systems carry a ris...

CVE-2025-8701

A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OLOprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may ...

CVE-2025-7770

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...

Topology Generation of UAV Covert Communication Networks: a Graph Diffusion Approach with Incentive Mechanism

With the growing demand for Uncrewed Aerial Vehicle UAV networks in sensitive applications, such as urban monitoring, emergency response, and secure sensing, ensuring reliable connectivity and covert communication has become increasingly vital. However, dynamic mobility and exposure risks pose...

ProvX: Generating Counterfactual-Driven Attack Explanations for Provenance-Based Detection

Provenance graph-based intrusion detection systems are deployed on hosts to defend against increasingly severe Advanced Persistent Threat. Using Graph Neural Networks to detect these threats has become a research focus and has demonstrated exceptional performance. However, the widespread adoption...

Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞

Wanzhou WOES Intelligent Optimization Energy Saving System is an Intelligent Optimization Energy Saving System from the Chinese company Wanzhou. An injection vulnerability exists in version 1.0 of the Wanzhou WOES Intelligent Optimization Energy Saving System, which is caused by an incorrect...

Linux Distros Unpatched Vulnerability : CVE-2024-3854

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of- bounds-reads. This vulnerability affects Firefox 125,...

Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞

Wanzhou WOES Intelligent Optimization Energy Saving System is an Intelligent Optimization Energy Saving System from the Chinese company Wanzhou. An injection vulnerability exists in version 1.0 of the Wanzhou WOES Intelligent Optimization Energy Saving System, which is caused by incorrect operati...

CVE-2025-8702 Wanzhou WOES Intelligent Optimization Energy Saving System Historical Data Query Module GetVariableByOneIDNew sql injection

A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown part of the file /CommonSolution/GetVariableByOneIDNew of the component Historical Data Query Module. The manipulation of the argument ObjectID leads to...

CVE-2024-52890

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs...

Secure and Practical Quantum Digital Signatures

Digital signatures represent a crucial cryptographic asset that must be protected against quantum adversaries. Quantum Digital Signatures QDS can offer solutions that are information-theoretically IT secure and thus immune to quantum attacks. In this work, we analyze three existing practical QDS...