Generative AI for Cybersecurity of Energy Management Systems: Methods, Challenges, and Future Directions

This paper elaborates on an extensive security framework specifically designed for energy management systems EMSs, which effectively tackles the dynamic environment of cybersecurity vulnerabilities and/or system problems SPs, accomplished through the incorporation of novel methodologies. A...

CVE-2025-53032

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...

Secure Quantum Key Distribution against Correlated Leakage Source

Quantum key distribution QKD provides information theoretic security based on quantum mechanics, however, its practical deployment is challenged by imperfections of source devices. Among various source loopholes, correlations between transmitted pulses pose a significant yet underexplored securit...

SAFER-D: a Self-Adaptive Security Framework for Distributed Computing Architectures

The rise of the Internet of Things and Cyber-Physical Systems has introduced new challenges on ensuring secure and robust communication. The growing number of connected devices increases network complexity, leading to higher latency and traffic. Distributed computing architectures DCAs have gaine...

CVE-2024-41955

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open redirect vulnerability exist in MobSF authentication view. Update to MobSF v4.0.5...

CVE-2024-31215

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A SSRF vulnerability in firebase database check logic. The attacker can cause the server to make a connection to internal-only services within the organization’s...

CVE-2023-41050

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...

CVE-2023-42261

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...

CVE-2022-41547

Mobile Security Framework MobSF v0.9.2 and below was discovered to contain a local file inclusion LFI vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request...

CVE-2020-14552

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2017-18588

An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...

Securing RAG: a Risk Assessment and Mitigation Framework

Retrieval Augmented Generation RAG has emerged as the de facto industry standard for user-facing NLP applications, offering the ability to integrate data without re-training or fine-tuning Large Language Models LLMs. This capability enhances the quality and accuracy of responses but also introduc...

CVE-2025-46335

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Improper...

CVE-2025-46730 Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

MobSF is a mobile application security testing tool used. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web applications. Access to the MobSF web interface is often granted to internal security teams, audit teams, and external...

CVE-2025-46335

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of...

CVE-2025-46335

The CVE-2025-46335 entry concerns Mobile Security Framework (MobSF) and describes a Stored Cross-Site Scripting (XSS) vulnerability in MobSF versions up to 4.3.2, arising from improper sanitization of user-supplied SVG files during the Android APK analysis workflow. Affected component: MobSF Andr...

CVE-2025-46335 Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of...

CVE-2025-46335 Mobile Security Framework (MobSF) Allows Stored Cross Site Scripting (XSS) via malicious SVG Icon Upload

Mobile Security Framework MobSF is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting XSS vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of...

Cross-site Scripting (XSS)

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Cross-site...