PT-2025-39197

Name of the Vulnerable Software and Affected Versions MuPDF version 1.26.4 Description A flaw exists in MuPDF where a null pointer dereference can occur within the break word for overflow wrap function when processing a malformed EPUB document. This happens because the function calls fz html spli...

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

CVE-2025-55780

CVE-2025-55780 describes a null pointer dereference in MuPDF 1.26.4 when rendering malformed EPUBs. The crash arises in break_word_for_overflow_wrap() after calling fz_html_split_flow() if node->next is invalid and is dereferenced as node->next->overflow_wrap, potentially allowing an att...

CVE-2025-59420

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

UBUNTU-CVE-2025-59420

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

CVE-2025-59420 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

GHSA-9GGR-2464-2J32 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Summary Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header for example, bork or cnf that strict verifiers reject but Authlib accepts. In...

"Digital Camouflage": the LLVM Challenge in LLM-Based Malware Detection

Large Language Models LLMs have emerged as promising tools for malware detection by analyzing code semantics, identifying vulnerabilities, and adapting to evolving threats. However, their reliability under adversarial compiler-level obfuscation is yet to be discovered. In this study, we empirical...

CVE-2025-35435

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35435

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35435 CISA Thorium download stream divide by zero

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35435

CVE-2025-35435 affects CISA Thorium. The vulnerability arises when Thorium accepts a stream split size of zero and then divides by that value, potentially causing a service crash from a remote, authenticated attacker. The fixed version is implemented in commit 89101a6. Multiple connected document...

thorium 安全漏洞

thorium is an extensible file analysis and data generation platform from the individual developer mjcarson. A security vulnerability exists in thorium that stems from accepting a zero-valued stream split size and performing a division operation, which could lead to a remote authenticated attacker...

CVE-2022-50244

In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlpciinitafu|adapter If deviceregister fails in cxlpciafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-deref becau...

CVE-2022-50244

CVE-2022-50244 affects the Linux kernel code path in cxl_pci_init_afu|adapter() where a failed device_register() leaves a not-added device and leads to a potential null pointer dereference if device_unregister() is called in the error path. The fix splits unregister logic into device_del() and pu...

PT-2025-37498

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the cxl subsystem where a null pointer dereference may occur in the cxl pci init afu|adapter function. Specifically, if device register fails, the...

Collaborative P4-SDN DDoS Detection and Mitigation with Early-Exit Neural Networks

Distributed Denial of Service DDoS attacks pose a persistent threat to network security, requiring timely and scalable mitigation strategies. In this paper, we propose a novel collaborative architecture that integrates a P4-programmable data plane with an SDN control plane to enable real-time DDo...

SUSE CVE-2025-39792

In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging. In such case, DM target drivers must not split BIOs using dmacceptpartialbio...

UBUNTU-CVE-2025-39792

In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging. In such case, DM target drivers must not split BIOs using dmacceptpartialbio...