12658 matches found
PT-2025-29034
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the virtio-pci subsystem where the result size returned for admin command completion is larger than the actual result data size by 8 bytes. This occurs because the...
REDEditing: Relationship-Driven Precise Backdoor Poisoning on Text-To-Image Diffusion Models
The rapid advancement of generative AI highlights the importance of text-to-image (T2I) security, particularly with the threat of backdoor poisoning. Timely disclosure and mitigation of security vulnerabilities in T2I models are crucial for ensuring the safe deployment of generative models. We...
GHSA-5423-JCJM-2GPV Traefik affected by Go HTTP Request Smuggling Vulnerability
Summary net/http: request smuggling through invalid chunked data: The net/http package accepts data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk...
Tenable Network Security Nessus Security Vulnerability
Tenable Network Security Nessus is a network vulnerability scanning tool developed by Tenable Network Security to detect security vulnerabilities and configuration errors in operating systems, network devices, and applications. Tenable Network Security Nessus contains a security vulnerability tha...
PCMan FTP Server Security Vulnerability
PCMan FTP Server is a server software for File Transfer Protocol (FTP). A buffer overflow vulnerability exists in PCMan FTP Server that stems from the MPUT Command Handler failing to properly process input data when processing a specific request. No detailed vulnerability details are available at...
Quantum Computing Supported Adversarial Attack-Resilient Autonomous Vehicle Perception Module for Traffic Sign Classification
Deep learning (DL)-based image classification models are essential for autonomous vehicle (AV) perception modules since incorrect categorization might have severe repercussions. Adversarial attacks are widely studied cyberattacks that can lead DL models to predict inaccurate output, such as incorrect...
CVE-2025-22022
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints. Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...
DEBIAN-CVE-2025-22023
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid. Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous TDs when handling...
DEBIAN-CVE-2025-22022
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints. Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...
UBUNTU-CVE-2025-22022
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Apply the link chain quirk on NEC isoc endpoints. Two clearly different specimens of NEC uPD720200 (one with start/stop bug, one without) were seen to cause IOMMU faults after some Missed Service Errors. Faulting address ...
CVE-2025-22023 usb: xhci: Don't skip on Stopped - Length Invalid
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid. Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous TDs when handling...
CVE-2025-3681
A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MODE Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public...
Privacy-Preserving CNN Training with Transfer Learning: Two Hidden Layers
Whitepaper called Privacy-Preserving CNN Training With Transfer Learning: Two Hidden Layers...
Important: docker
Issue Overview: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. CVE-2025-22868 SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or no...
Secure Transfer Learning: Training Clean Models against Backdoor in (Both) Pre-Trained Encoders and Downstream Datasets
Transfer learning from pre-trained encoders has become essential in modern machine learning, enabling efficient model adaptation across diverse tasks. However, this combination of pre-training and downstream adaptation creates an expanded attack surface, exposing models to sophisticated backdoor...
PCMan FTP Server Security Vulnerability
PCMan FTP Server is a server software for File Transfer Protocol (FTP). A buffer overflow vulnerability exists in PCMan FTP Server that originates when the MODE Command Handler component fails to properly validate input data when processing a specific request. No detailed vulnerability details are...
PCMan FTP Server Security Vulnerability
PCMan FTP Server is a lightweight FTP server software that provides basic file transfer functionality. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the CD Command Handler component failing to properly validate input data when processing a specific request. An...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Scripting versions 12.2.3 throu...
SolarWinds Serv-U Cross-Site Scripting Vulnerability
SolarWinds Serv-U is an FTP (File Transfer Protocol) server software from the US-based SolarWinds Corporation. A cross-site scripting vulnerability exists in SolarWinds Serv-U, which stems from a client-side cross-site scripting vulnerability that could lead to a local attack...