528 matches found
CVE-2025-55005 ImageMagick: heap-buffer overflow in log colorspace handling
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024...
CVE-2024-48916 affecting package ceph for versions less than 16.2.10-9
CVE-2024-48916 affecting package ceph for versions less than 16.2.10-9. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2025-38093
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its...
CVE-2025-38348 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38348 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
MambaITD: an Efficient Cross-Modal Mamba Network for Insider Threat Detection
Enterprises are facing increasing risks of insider threats, while existing detection methods are unable to effectively address these challenges due to reasons such as insufficient temporal dynamic feature modeling, computational efficiency and real-time bottlenecks and cross-modal information...
Per-Element Secure Aggregation against Data Reconstruction Attacks in Federated Learning
Federated learning (FL) enables collaborative model training without sharing raw data, but individual model updates may still leak sensitive information. Secure aggregation (SecAgg) mitigates this risk by allowing the server to access only the sum of client updates, thereby concealing individual...
Simplehelp Security Vulnerability
SimpleHelp is a remote support software from SimpleHelp, Inc. A security vulnerability exists in Simplehelp versions prior to 5.5.11 that stems from vulnerability to cross-site request forgery attacks...
Akamai Rate Control Security Vulnerability
Akamai Rate Control is an API access frequency control software from Akamai Corporation. A security vulnerability exists in Akamai Rate Control versions prior to 2025, which stems from inconsistent rate measurements that could cause requests to exceed thresholds...
PAVO Pay Trust Management Issue Vulnerability
PAVO Pay is a mobile payment management platform from PAVO Turkey. A trust management issue vulnerability exists in PAVO Pay versions prior to 13.05.2025, which stems from the use of hard-coded credentials that could result in reading sensitive constants...
Kintsugi: Decentralized E2EE Key Recovery
Kintsugi is a protocol for key recovery, allowing a user to regain access to end-to-end encrypted data after they have lost their device, but still have their potentially low-entropy password. Existing E2EE key recovery methods, such as those deployed by Signal and WhatsApp, centralize trust by...
BarkBeetle: Stealing Decision Tree Models with Fault Injection
Machine learning models, particularly decision trees (DTs), are widely adopted across various domains due to their interpretability and efficiency. However, as ML models become increasingly integrated into privacy-sensitive applications, concerns about their confidentiality have grown, particularly...
Automatic Determination of Attack Detection Threshold in Computer Networks Using Autoencoders
Currently, digital security mechanisms like Anomaly Detection Systems using Autoencoders (AE) show great potential for bypassing problems intrinsic to the data, such as data imbalance. Because AE use a non-trivial and nonstandardized separation threshold to classify the extracted reconstruction...
Secret Sharing in 5G-MEC: Applicability for Joint Security and Dependability
Multi-access Edge Computing (MEC), an enhancement of 5G, processes data closer to its generation point, reducing latency and network load. However, the distributed and edge-based nature of 5G-MEC presents privacy and security challenges, including data exposure risks. Ensuring efficient manipulatio...
SUSE CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
DEBIAN-CVE-2022-50116
In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...
DEBIAN-CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
UBUNTU-CVE-2022-50092
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...
CVE-2022-50092
CVE-2022-50092 affects the Linux kernel dm-thin component. The issue is a use-after-free in dm_pool_register_metadata_threshold called during metadata-threshold registration for a thin-pool, leading to a potential use-after-free in dm_sm_register_threshold_callback. Reproduction involves manipula...
CVE-2022-50092 dm thin: fix use-after-free crash in dm_sm_register_threshold_callback
In the Linux kernel, the following vulnerability has been resolved: dm thin: fix use-after-free crash in dm_sm_register_threshold_callback Fault inject on pool metadata device reports: BUG: KASAN: use-after-free in dm_pool_register_metadata_threshold+0x40/0x80 Read of size 8 at addr ffff8881b9d50068 by...