Linux Distros Unpatched Vulnerability : CVE-2023-53029

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFPKERNEL in atomic context on rt The commit 4af1b64f80fb...

Linux Distros Unpatched Vulnerability : CVE-2024-26616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned BUG There is a bug...

CVE-2025-1299

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 18.0.5, all versions starting from 18.1 before 18.1.3, all versions starting from 18.2 before 18.2.1 that, under circumstances, could have allowed an unauthorized user to read deployment job logs by...

Quantum Blockchain Survey: Foundations, Trends, and Gaps

Quantum computing poses fundamental risks to classical blockchain systems by undermining widely used cryptographic primitives. In response, two major research directions have emerged: post-quantum blockchains, which integrate quantum-resistant algorithms, and quantum blockchains, which leverage...

Amazon Linux 2023 : tigervnc, tigervnc-icons, tigervnc-license (ALAS2023-2025-1060)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1060 advisory. A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and...

RHEL 8 : firefox (RHSA-2025:10183)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:10183 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

USN-7608-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...

CVE-2025-50405

Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the FirmwareUpload function and GetFirmwareValidation function...

CVE-2025-52568

NeKernal (mkfs.hefs) contains memory-safety vulnerabilities in versions prior to 0.0.3, caused by unchecked memory operations, unsafe typecasting, and improper input validation. Reported impacts include memory corruption, disk image corruption, denial of service, and potential code execution. The...

USN-7592-1: Linux kernel vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

Towards Reliable Forgetting: a Survey on Machine Unlearning Verification, Challenges, and Future Directions

With growing demands for privacy protection, security, and legal compliance e.g., GDPR, machine unlearning has emerged as a critical technique for ensuring the controllability and regulatory alignment of machine learning models. However, a fundamental challenge in this field lies in effectively...

The Hitchhiker'S Guide to Efficient, End-To-End, and Tight DP Auditing

This paper systematizes research on auditing Differential Privacy DP techniques, aiming to identify key insights into the current state of the art and open challenges. First, we introduce a comprehensive framework for reviewing work in the field and establish three cross-contextual desiderata tha...

PT-2025-26071 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17.0-rc5 Description: A data race issue in the Linux kernel's dmaengine sf-pdma component allows multiple threads to access and modify a DMA channel's descriptor simultaneously, leading to a NULL pointer...

Chain-Of-Code Collapse: Reasoning Failures in LLMs Via Adversarial Prompting in Code Generation

Large Language Models LLMs have achieved remarkable success in tasks requiring complex reasoning, such as code generation, mathematical problem solving, and algorithmic synthesis -- especially when aided by reasoning tokens and Chain-of-Thought prompting. Yet, a core question remains: do these...

Synthetic Tabular Data: Methods, Attacks and Defenses

Synthetic data is often positioned as a solution to replace sensitive fixed-size datasets with a source of unlimited matching data, freed from privacy concerns. There has been much progress in synthetic data generation over the last decade, leveraging corresponding advances in machine learning an...

Cryptography from Lossy Reductions: Towards OWFs from ETH, and Beyond

One-way functions OWFs form the foundation of modern cryptography, yet their unconditional existence remains a major open question. In this work, we study this question by exploring its relation to lossy reductions, i.e., reductions$R$ for which it holds that $IX;RX \ll n$ for all distributions$X...

CVE-2022-33263

Memory corruption due to use after free in Core when multiple DCI clients register and deregister...

CVE-2025-0605

An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Group access controls could allow certain users to bypass two-factor authentication requirements...

Identity Security Has an Automation Problem—And It's Bigger Than You Think

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than ...

CVE-2011-0803

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 8.9 GA through 8.98.4.1, and OneWorld Tools through 24.1.3, allows remote attackers to affect integrity and availability, related to Enterprise Infrastructure SEC...