Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unnecessary device replacement check in PCI: pciehp...

MTL-UE: Learning to Learn Nothing for Multi-Task Learning

Most existing unlearnable strategies focus on preventing unauthorized users from training single-task learning STL models with personal data. Nevertheless, the paradigm has recently shifted towards multi-task data and multi-task learning MTL, targeting generalist and foundation models that can...

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in, which allows a perpetrator to cause a service failure.

The vulnerability of the SDK components of AirPlay and CarPlay Communication Plug-in relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2025-30422

A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...

CVE-2025-24132

The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...

CVE-2025-30422

A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination...

CVE-2025-24132

The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communication Plug-in R18.1. An attacker on the local network may cause an unexpected app termination...

CVE-2025-24132

The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...

CVE-2025-30422

A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination...

CVE-2025-24132

CVE-2025-24132 affects Apple AirPlay SDKs (AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126) and the CarPlay plug‑in (R18.1). The issue is described as a memory handling vulnerability that can cause an application to terminate when exploited from the local network. Public connected documents ...

Apple多款产品 安全漏洞

Apple FairPlay and others are products of Apple Inc.Apple FairPlay is a core component used to provide media playback capabilities to devices.Apple AirPlay audio SDK is an officially licensed development kit that allows third-party hardware products to integrate the AirPlay audio streaming protoc...

Apple多款产品 安全漏洞

Apple FairPlay and others are products of Apple Inc.Apple FairPlay is a core component used to provide media playback capabilities to devices.Apple AirPlay audio SDK is an officially licensed development kit that allows third-party hardware products to integrate the AirPlay audio streaming protoc...

PT-2025-18328

Name of the Vulnerable Software and Affected Versions AirPlay audio SDK versions prior to 2.7.1 AirPlay video SDK versions prior to 3.6.0.126 CarPlay Communication Plug-in versions prior to R18.1 Description A buffer overflow issue was addressed by improving input validation. This could allow an...

DoomArena: a Framework for Testing AI Agents against Evolving Security Threats

We present DoomArena, a security evaluation framework for AI agents. DoomArena is designed on three principles: 1 It is a plug-in framework and integrates easily into realistic agentic frameworks like BrowserGym for web agents and $τ$-bench for tool calling agents; 2 It is configurable and allows...

DEBIAN-CVE-2025-38240

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in HPD path to avoid NULL ptr The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically it can be called via this callpath: -...

UBUNTU-CVE-2025-38240

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in HPD path to avoid NULL ptr The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically it can be called via this callpath: -...

Nullsoft Scriptable Install System 安全漏洞

Nullsoft Scriptable Install System is a specialized open source system from the Nullsoft team for creating Windows installers. A security vulnerability exists in Nullsoft Scriptable Install System versions prior to 3.11, which stems from an improperly created temporary plug-in directory that coul...

Set You Straight: Auto-Steering Denoising Trajectories to Sidestep Unwanted Concepts

Ensuring the ethical deployment of text-to-image models requires effective techniques to prevent the generation of harmful or inappropriate content. While concept erasure methods offer a promising solution, existing finetuning-based approaches suffer from notable limitations. Anchor-free methods...

The vulnerability of the UPnP Device Host operating system in Windows allows a hacker to increase their privileges.

The vulnerability of the UPnP Device Host operating system in Windows relates to the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...