CVE-2005-3753

Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of service Oops via certain IPSec packets that cause alignment problems in standard multi-block cipher processors. NOTE: it is not clear whether this issue can be triggered by an attacker...

Outsourcing SAT-Based Verification Computations in Network Security

The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...

PT-2025-22245 · Git +1 · Rtpproxy

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The software experiences a segmentation fault Segv on an unknown address during operation. The crash state involves the rtpp refcnt decref, hash table purge,...

EulerOS Virtualization 2.12.1 : python-requests (EulerOS-SA-2025-1558)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This...

**UNSUPPORTED WHEN ASSIGNED** GzipHandler causes part of request body to be seen as request body of a separate request

In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a request body. This can result in corrupted and/or inadvertent sharing of data between requests...

CVE-2025-37799

CVE-2025-37799 : Linux kernel vmxnet3 driver XDP handling is fixed for malformed packet sizing in vmxnet3_process_xdp. The issue caused MTU-related connectivity problems when using XDP load balancing with IPIP encapsulation, where some packets (e.g., HTTP GET) could be oversized and, in rare case...

PT-2025-18217 · Vllm · Vllm

Name of the Vulnerable Software and Affected Versions: vLLM versions 0.8.0 through 0.8.4 Description: The issue concerns a critical performance vulnerability in the input preprocessing logic of the multimodal tokenizer. It is caused by inefficient list concatenation operations, resulting in...

Ubuntu 24.04 LTS : Linux kernel (Azure, N-Series) vulnerabilities (USN-7468-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7468-1 advisory. Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

Differentially Private Quasi-Concave Optimization: Bypassing the Lower Bound and Application to Geometric Problems

Whitepaper called Differentially Private Quasi-Concave Optimization: Bypassing The Lower Bound And Application To Geometric Problems...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Synapse vulnerabilities (USN-7444-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7444-1 advisory. It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this...

Security Science (SecSci), Basic Concepts and Mathematical Foundations

This textbook compiles the lecture notes from security courses taught at Oxford in the 2000s, at Royal Holloway in the 2010s, and currently in Hawaii. The early chapters are suitable for a first course in security. The middle chapters have been used in advanced courses. Towards the end there are...

Text scams grow to steal hundreds of millions of dollars

Text scams alone cost US citizens at least $470 million in 2024, according to new data from the US Federal Trade Commission FTC. Because many scams go unreported, though, this dollar amount might be considerably more. The FTC illustrated this with a graph comparing the reported losses to the numb...

Moodle 4.3.x < 4.3.8 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is 4.1.x prior to 4.1.14, 4.2.x prior to 4.2.11, 4.3.x prior to 4.3.8, or 4.4.x prior to 4.4.4. It is, therefore, affected by multiple vulnerabilities. - An IDOR when fetching report schedules. - Some users can...

April 8, 2025—KB5055523 (OS Build 26100.3775)

April 8, 2025—KB5055523 OS Build 26100.3775 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, version 24H2, see its update history page. Be sure to follow @WindowsUpdate to find out when new...

OnPrem | CVAD 1912 upgrade throws an error "The license server doesn't support the hosting network"

During CVAD upgrade from 1912 version to 2203 CU3 version, we receive the error "The license server doesn't support the hosting network" and upgrade fails...

Citrix Virtual Apps and Desktops 2402 - Custom Application menus cut off after VDA upgrade

After upgrading the VDA from VDA 1912 to VDA 2402, users may notice that the fonts and graphics are not fitting within the custom application UI. Issue is generally seen when the client display has high resolution. Setting the High DPI setting on the Citrix Workspace App for Windows to Yes, may...

Windows 11 24H2 | Server 2025 - Recovery Media Issue

Issue Resolved in May 13 2025 Windows Update KB5058411 The underlying issue causing recovery media to have the problems documented in this article was resolved in Microsoft Update KB5058411 for Windows 11 and Server 2025. After applying the update, the recovery media must be recreated. Challenge...

GHSA-32G6-MG92-GHM2 SageMaker Workflow component allows possibility of MD5 hash collisions

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

SageMaker Workflow component allows possibility of MD5 hash collisions

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

CVE-2025-0508

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...