Lucene search
4752 matches found

Positive Technologies
added 2025/05/23 12:0 a.m. · 6 views

PT-2025-22800 · Unknown · Sipass Integrated Ac5102 +1

Name of the Vulnerable Software and Affected Versions: SiPass integrated AC5102 (ACC-G2): All versions; SiPass integrated ACC-AP: All versions. Description: A vulnerability has been identified where affected devices do not properly check the integrity of firmware updates. This could allow a local...

CVSS 8.2 · AI score 6.6 · EPSS 0.00144
Exploits 0 · References 4
RedhatCVE
added 2025/05/22 10:48 p.m. · 12 views

CVE-2022-29957

The Emerson DeltaV Distributed Control System (DCS) through 2022-04-29 mishandles authentication. It utilizes several proprietary protocols for a wide variety of functionality. These protocols include Firmware upgrade (18508/TCP, 18518/TCP); Plug-and-Play (18510/UDP); Hawk services (18507/UDP); Managemen...

CVSS 7.8 · AI score 7 · EPSS 0.0021
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 8:33 p.m. · 4 views

CVE-2021-24433

The simple sort WordPress plugin through 0.0.3 does not make sure that the indexurl parameter of the shortcodes "categorysims", "ordersims", "orderbysims", "periodsims", and "tagsims" use allowed URL protocols, which can lead to stored cross-site scripting by users with a role as low as Contribut...

CVSS 5.4 · AI score 6 · EPSS 0.00431
Exploits 2 · References 1
RedhatCVE
added 2025/05/22 10:14 a.m. · 8 views

CVE-2019-2909

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. While the...

CVSS 6.8 · AI score 6.4 · EPSS 0.01349
Exploits 0 · References 1
Packet Storm News
added 2025/05/22 12:0 a.m. · 3 views

Poster: Towards an Automated Security Testing Framework for Industrial UEs

With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments,...

AI score 6.9
Exploits 0
RedhatCVE
added 2025/05/21 7:14 p.m. · 11 views

CVE-2000-1226

Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan...

CVSS 5 · AI score 7 · EPSS 0.01259
Exploits 0 · References 1
Packet Storm News
added 2025/05/21 12:0 a.m. · 2 views

A Survey on Secure Machine Learning

In this survey, we will explore the interaction between secure multiparty computation and the area of machine learning. Recent advances in secure multiparty computation (MPC) have significantly improved its applicability in the realm of machine learning (ML), offering robust solutions for...

AI score 6.6
Exploits 0
Positive Technologies
added 2025/05/16 12:0 a.m. · 7 views

PT-2025-21665 · Mongodb +2 · Bson::Xs +1

CVE-2025-40906 Multiple Vulnerabilities in BSON::XS Perl Module Versions... https://t.co/9tevViFm0B Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd...

CVSS 9.8 · AI score 8.1 · EPSS 0.00534
Exploits 0 · References 15
CNNVD
added 2025/05/14 12:0 a.m. · 2 views

Number withdrawn

Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. This CVE number has been withdrawn...

AI score 6.4
Exploits 0 · References 4
Packet Storm News
added 2025/05/14 12:0 a.m. · 3 views

Privacy-Preserving Runtime Verification

Runtime verification offers scalable solutions to improve the safety and reliability of systems. However, systems that require verification or monitoring by a third party to ensure compliance with a specification might contain sensitive information, causing privacy concerns when usual runtime...

AI score 6.8
Exploits 0
Packet Storm News
added 2025/05/14 12:0 a.m. · 2 views

Security and Privacy Measurement on Chinese Consumer IoT Traffic Based on Device Lifecycle

In recent years, consumer Internet of Things (IoT) devices have become widely used in daily life. With the popularity of devices, related security and privacy risks arise at the same time as they collect user-related data and transmit it to various service providers. Although China accounts for a...

AI score 6.8
Exploits 0
Vulnrichment
added 2025/05/13 4:58 p.m. · 10 views

CVE-2025-30393 Microsoft Excel Remote Code Execution Vulnerability

...

CVSS 7.8 · AI score 7.7 · EPSS 0.00374
Exploits 0 · References 1
Packet Storm News
added 2025/05/13 12:0 a.m. · 3 views

Nmap Port Scanner 7.97

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols UDP, TCP, ICMP, etc...

AI score 6.9
Exploits 0
Packet Storm News
added 2025/05/09 12:0 a.m. · 5 views

Engineering Risk-Aware, Security-By-Design Frameworks for Assurance of Large-Scale Autonomous AI Models

As AI models scale to billions of parameters and operate with increasing autonomy, ensuring their safe, reliable operation demands engineering-grade security and assurance frameworks. This paper presents an enterprise-level, risk-aware, security-by-design approach for large-scale autonomous AI...

AI score 6.9
Exploits 0
Rockylinux
added 2025/05/07 7:11 p.m. · 5 views

openldap security update

An update is available for openldap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LD...

CVSS 7.5 · AI score 8.1 · EPSS 0.01947
Exploits 0
OSV
added 2025/05/07 7:11 p.m. · 4 views

RLSA-2024:5524 Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...

CVSS 7.5 · AI score 7.8 · EPSS 0.02114
Exploits 0 · References 3
OSV
added 2025/05/07 10:10 a.m. · 4 views

USN-7496-3 linux-azure, linux-azure-4.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Character device driver; - Hardware crypto device drivers; - GPU drivers; - Media drivers;...

CVSS 7.8 · AI score 6.7 · EPSS 0.00295
Exploits 3 · References 34
Packet Storm News
added 2025/05/05 12:0 a.m. · 4 views

Unveiling the Landscape of LLM Deployment in the Wild: an Empirical Study

Background: Large language models (LLMs) are increasingly deployed via open-source and commercial frameworks, enabling individuals and organizations to self-host advanced AI capabilities. However, insecure defaults and misconfigurations often expose LLM services to the public Internet, posing...

AI score 7.8
Exploits 0
CVE
added 2025/05/01 2:9 p.m. · 78 views

CVE-2022-49812

CVE-2022-49812 describes a Linux kernel vulnerability in the bridge driver’s VLAN offload path. When VLANs are offloaded via switchdev, the bridge marks them with BR_VLFLAG_ADDED_BY_SWITCHDEV. Changing the VLAN protocol triggers notifications to switchdev drivers and also to the 8021q driver, whi...

CVSS 5.5 · AI score 6.6 · EPSS 0.00176
Exploits 0 · References 4 · Affected Software 1
Amazon
added 2025/04/29 12:0 a.m. · 4 views

Important: java-11-openjdk

Issue Overview: Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerabilit...

CVSS 7.5 · AI score 5.6 · EPSS 0.04238
Exploits 0