Apache Guacamole 输入验证错误漏洞

Apache Guacamole is a clientless remote desktop gateway from the Apache USA Foundation. The product supports protocols such as VNC, RDP and SSH. An input validation error vulnerability exists in Apache Guacamole 1.5.5 and earlier versions, which stems from failure to properly validate console cod...

TestSSL 3.2.1

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

TestSSL 3.0.10

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...

PT-2025-27581

Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.5.5 and older Description: The issue is related to improper validation of console codes received from servers via text-based protocols like SSH. A malicious user with access to a text-based connection could execute...

CGA-W825-836W-2W9G

Bulletin has no description...

PT-2025-27314 · Volkswagen · Mib3

Content removed...

OESA-2025-1672 mysql security update

The MySQLTM software delivers a very fast, multi-threaded, multi-user, and robust SQL Structured Query Language database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of Oracle and/or...

Rational Miner Behaviour, Protocol Stability, and Time Preference: an Austrian and Game-Theoretic Analysis of Bitcoin'S Incentive Environment

This paper integrates Austrian capital theory with repeated game theory to examine strategic miner behaviour under different institutional conditions in blockchain systems. It shows that when protocol rules are mutable, effective time preference rises, undermining rational long-term planning and...

CBL Mariner 2.0 Security Update: mysql (CVE-2025-21585)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21585 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions th...

CBL Mariner 2.0 Security Update: mysql (CVE-2025-30689)

The version of mysql installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30689 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions th...

A Survey of LLM-Driven AI Agent Communication: Protocols, Security Risks, and Defense Countermeasures

In recent years, Large-Language-Model-driven AI agents have exhibited unprecedented intelligence, flexibility, and adaptability, and are rapidly changing human production and lifestyle. Nowadays, agents are undergoing a new round of evolution. They no longer act as an isolated island like LLMs...

CVE-2025-52542

CVE-2025-52542 entry is rejected/not used and does not represent an active vulnerability.

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

...

OSV-2025-484 Heap-buffer-overflow in load_protocols_file_fd

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=426164365 Crash type: Heap-buffer-overflow READ 2 Crash state: loadprotocolsfilefd fuzzfilecfgprotocols.c...

PT-2025-27677 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The issue is a heap-buffer-overflow READ vulnerability. The crash state indicates the vulnerability occurs within the load protocols file fd function in the...

Flexible Hardware-Enabled Guarantees for AI Compute

As artificial intelligence systems become increasingly powerful, they pose growing risks to international security, creating urgent coordination challenges that current governance approaches struggle to address without compromising sensitive information or national security. We propose flexible...

The Trip to ZigBee Backscatter across a Decade, a Systematic Review

The field of backscatter communication has undergone a profound transformation, evolving from a niche technology for radio-frequency identification RFID into a sophisticated paradigm poised to enable a truly battery-free Internet of Things IoT. This evolution is built upon a deepening understandi...

A Theory of Lending Protocols in DeFi

Lending protocols are one of the main applications of Decentralized Finance DeFi, enabling crypto-assets loan markets with a total value estimated in the tens of billions of dollars. Unlike traditional lending systems, these protocols operate without relying on trusted authorities or off-chain...

Physical-Layer Signal Injection Attacks on EV Charging Ports: Bypassing Authentication Via Electrical-Level Exploits

The proliferation of electric vehicles in recent years has significantly expanded the charging infrastructure while introducing new security risks to both vehicles and chargers. In this paper, we investigate the security of major charging protocols such as SAE J1772, CCS, IEC 61851, GB/T 20234, a...

A Sea of Cyber Threats: Maritime Cybersecurity from the Perspective of Mariners

Maritime systems, including ships and ports, are critical components of global infrastructure, essential for transporting over 80% of the world's goods and supporting internet connectivity. However, these systems face growing cybersecurity threats, as shown by recent attacks disrupting Maersk, on...