Routing-Aware Explanations for Mixture of Experts Graph Models in Malware Detection

Mixture-of-Experts MoE offers flexible graph reasoning by combining multiple views of a graph through a learned router. We investigate routing-aware explanations for MoE graph models in malware detection using control flow graphs CFGs. Our architecture builds diversity at two levels. At the node...

Pega Platform 安全漏洞

Pega Platform is an enterprise management platform from Pega Corporation, USA. A security vulnerability exists in Pega Platform versions 8.7.5 through 24.2.2, which stems from an insecure direct object reference in a user interface component that could lead to data readout...

EUVD-2020-5715

Malware in sbrugna...

EUVD-2024-19192

Malicious code in bioql PyPI...

QNAP License Center Cross-Site Scripting Vulnerability

QNAP License Center is a certificate center of Qualicom Technology QNAP Inc. in Taiwan, China. QNAP License Center suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data. An attacker could exploit this...

QNAP License Center 跨站脚本漏洞

QNAP License Center is a certificate center of Qualicom Technology QNAP Inc. in Taiwan, China. QNAP License Center suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data. An attacker could exploit this...

The vulnerability of the nilfs2 component in the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the nilfs2 component in the Linux operating system’s kernel is related to readout errors beyond the boundary in the nilfstypebymode function. Exploiting this vulnerability can allow an attacker to cause a service failure...

Design/Logic Flaw

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.3.0 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...

CVE-2024-21483

A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.2.4 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...

PT-2024-2276 · Siemens · Sentron 7Km Pac3220 Ac/Dc +1

Name of the Vulnerable Software and Affected Versions: SENTRON 7KM PAC3120 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3120 DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 AC/DC versions V3.2.3 through V3.2.4 SENTRON 7KM PAC3220 DC versions V3.2.3 through V3.2.4 Description: A...

PT-2024-39: Readout protection level bypass before the first power-on cycle in GigaDevice Semiconductor products

The vulnerability of readout protection level bypass before the first power-on cycle was identified in series GD32F1x0, GD32F4xx, GD32F3x0 of GigaDevice Semiconductor products. The discovered vulnerability can be exploited by an attacker to take a snapshot of RAM before initialization or to chang...

PT-2024-40: Readout protection level bypass in GigaDevice Semiconductor products

The vulnerability was identified in in series GD32E23x, GD32F20x, GD32F1x0, GD32F4xx, GD32F30x, GD32C10x, GD32E10x, GD32E50x of GigaDevice Semiconductor products. The vulnerability can be exploited by an attacker to run arbitrary shell code in SRAM. Vulnerability status: Confirmed by research Dat...

SUSE CVE-2020-27208

The flash read-out protection RDP level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface...

STMicroelectronics STM32L4 Access Control Error Vulnerability

The STMicroelectronics STM32L4 is a series of ultra-low power microcontrollers from STMicroelectronics, an Italian and French company. The STMicroelectronics STM32L4 suffers from an access control error vulnerability that stems from the fact that flash readout protection can be degraded from RDP...

CVE-2020-27211

Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection APPROTECT can be bypassed by injecting a fault during the boot phase...

CVE-2020-27212

STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection RDP can be degraded from RDP level 2 no access via debug interface to level 1 limited access via debug interface by injecting a fault during the boot phase...

CVE-2020-27208

The flash read-out protection RDP level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface...

CVE-2020-27212

STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection RDP can be degraded from RDP level 2 no access via debug interface to level 1 limited access via debug interface by injecting a fault during the boot phase...

STMicroelectronics STM32L4 注入漏洞

The STMicroelectronics STM32L4 is a series of ultra-low power microcontrollers from STMicroelectronics, an Italian and French company. The STMicroelectronics STM32L4 suffers from an access control error vulnerability that stems from the fact that flash readout protection can be degraded from RDP...

SoloKeys Solo 加密问题漏洞

SoloKeys Solo is an open source security key. SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token suffers from a security vulnerability that stems from not enforcing the flash readout protection RDP level. This allows an attacker to lower the RDP level...