193 matches found
Quantum Key Distribution: Bridging Theoretical Security Proofs, Practical Attacks, and Error Correction for Quantum-Augmented Networks
Quantum Key Distribution QKD is revolutionizing cryptography by promising information-theoretic security through the immutable laws of quantum mechanics. Yet, the challenge of transforming these idealized security models into practical, resilient systems remains a pressing issue, especially as...
EUVD-2019-9080
Malware in sbrugna...
EUVD-2021-2117
Malware in sbrugna...
EUVD-2020-25342
Malware in sbrugna...
cs253.stanford.edu
It is an offensive tool for web application security education. The repository contains a collection of assignments and exercises for the CS 253 Web Security course at Stanford University. The assignments are designed to educate students on various web security topics, including client-side...
PT-2025-36949
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30254 and earlier Acrobat Reader version 20.005.30774 Acrobat Reader version 25.001.20672 Description: Acrobat Reader is susceptible to a security issue related to a Violation of Secure Design Principles...
Holographic Projection and Cyber Attack Surface: a Physical Analogy for Digital Security
This article presents an in-depth exploration of the analogy between the Holographic Principle in theoretical physics and cyber attack surfaces in digital security. Building on concepts such as black hole entropy and AdS/CFT duality, it highlights how complex infrastructures project their...
PT-2025-27619 · Infinera · Infinera G42
Name of the Vulnerable Software and Affected Versions: Infinera G42 version R6.1.3 Description: The issue allows remote authenticated users to read and write OS files via SFTP connections. Account members of the Network Administrator profile can access the target machine via SFTP with the same...
Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
The integration of AI/ML into medical devices is rapidly transforming healthcare by enhancing diagnostic and treatment facilities. However, this advancement also introduces serious cybersecurity risks due to the use of complex and often opaque models, extensive interconnectivity, interoperability...
Bridging Unsupervised and Semi-Supervised Anomaly Detection: a Theoretically-Grounded and Practical Framework with Synthetic Anomalies
Anomaly detection AD is a critical task across domains such as cybersecurity and healthcare. In the unsupervised setting, an effective and theoretically-grounded principle is to train classifiers to distinguish normal data from synthetic anomalies. We extend this principle to semi-supervised AD,...
[SECURITY] Fedora 41 Update: python-django5-5.1.10-1.fc41
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
CVE-2025-49843 conda-smithy Has Incorrect Default File Permissions
conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.47.1, the travisheaders function in the conda-smithy repository creates files with permissions exceeding 0o600, allowing read and write...
[SECURITY] Fedora 41 Update: python-django4.2-4.2.22-1.fc41
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
CVE-2022-25838
Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...
CVE-2020-4095
"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the credentials. These credentials can be used to pivot further into the environment. The principle of lea...
[SECURITY] Fedora 40 Update: python-django-4.2.20-1.fc40
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
[SECURITY] Fedora 41 Update: python-django-4.2.20-1.fc41
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
[SECURITY] Fedora 42 Update: python-django5-5.1.7-1.fc42
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
CVE-2025-24521
External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25...
CVE-2025-21095
Path traversal may lead to arbitrary file download. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25...