GaussMarker: Robust Dual-Domain Watermark for Diffusion Models

As Diffusion Models DM generate increasingly realistic images, related issues such as copyright and misuse have become a growing concern. Watermarking is one of the promising solutions. Existing methods inject the watermark into the single-domain of initial Gaussian noise for generation, which...

TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning

Deep reinforcement learning DRL has achieved remarkable success in a wide range of sequential decision-making domains, including robotics, healthcare, smart grids, and finance. Recent research demonstrates that attackers can efficiently exploit system vulnerabilities during the training phase to...

Safeguarding Multimodal Knowledge Copyright in the RAG-As-A-Service Environment

As Retrieval-Augmented Generation RAG evolves into service-oriented platforms Rag-as-a-Service with shared knowledge bases, protecting the copyright of contributed data becomes essential. Existing watermarking methods in RAG focus solely on textual knowledge, leaving image knowledge unprotected. ...

SAGE: Exploring the Boundaries of Unsafe Concept Domain with Semantic-Augment Erasing

Diffusion models DMs have achieved significant progress in text-to-image generation. However, the inevitable inclusion of sensitive information during pre-training poses safety risks, such as unsafe content generation and copyright infringement. Concept erasing finetunes weights to unlearn...

CSVAR: Enhancing Visual Privacy in Federated Learning Via Adaptive Shuffling against Overfitting

Although federated learning preserves training data within local privacy domains, the aggregated model parameters may still reveal private characteristics. This vulnerability stems from clients' limited training data, which predisposes models to overfitting. Such overfitting enables models to...

The Windows Registry Adventure #8: Practical exploitation of hive memory corruption

Posted by Mateusz Jurczyk, Google Project Zero In the previous blog post, we focused on the general security analysis of the registry and how to effectively approach finding vulnerabilities in it. Here, we will direct our attention to the exploitation of hive-based memory corruption bugs, i.e.,...

CVE-2022-42182

Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal...

CVE-2022-42183

Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery SSRF...

SFIBA: Spatial-Based Full-Target Invisible Backdoor Attacks

Multi-target backdoor attacks pose significant security threats to deep neural networks, as they can preset multiple target classes through a single backdoor injection. This allows attackers to control the model to misclassify poisoned samples with triggers into any desired target class during...

Backdoor Defense in Diffusion Models Via Spatial Attention Unlearning

Text-to-image diffusion models are increasingly vulnerable to backdoor attacks, where malicious modifications to the training data cause the model to generate unintended outputs when specific triggers are present. While classification models have seen extensive development of defense mechanisms,...

CSI2Dig: Recovering Digit Content from Smartphone Loudspeakers Using Channel State Information

Eavesdropping on sounds emitted by mobile device loudspeakers can capture sensitive digital information, such as SMS verification codes, credit card numbers, and withdrawal passwords, which poses significant security risks. Existing schemes either require expensive specialized equipment, rely on...

ROS-20250417-05

Ingress controller vulnerability in the Kubernetes ingress-nginx cluster is related to the use of the Ingress mirror-target and mirror-host annotations to inject configuration into nginx. Exploitation of the The vulnerability could allow an attacker acting remotely to execute arbitrary code...

SUSE CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

AZL-59715 CVE-2025-29480 affecting package gdal 3.6.3-5

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

AZL-61789 CVE-2025-29480 affecting package gdal 3.6.3-2

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

DEBIAN-CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

PYSEC-2025-117

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

UBUNTU-CVE-2025-29480

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...

GDAL 安全漏洞

GDAL is an open source geospatial data abstraction library from GDAL Open Source. A security vulnerability exists in GDAL version 3.10.2, which originates from a denial of service that can be exploited by a local attacker to cause a buffer overflow via the OGRSpatialReference::Release function...

[SECURITY] Fedora 41 Update: qgis-3.40.5-2.fc41

Geographic Information System GIS manages, analyzes, and displays databases of geographic information. QGIS supports shape file viewing and editing, spatial data storage with PostgreSQL/PostGIS, projection on-the-fly, map composition, and a number of other features via a plugin interface. QGIS al...