CVE-2025-38500 xfrm: interface: fix use-after-free after changing collect_md xfrm interface

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

Linux Distros Unpatched Vulnerability : CVE-2019-25045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrmstatefini panic, aka CID-dbb2483b2a46...

Linux Distros Unpatched Vulnerability : CVE-2024-43878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slo...

Linux Distros Unpatched Vulnerability : CVE-2022-50004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst-dev xmit null pointer dereference When we try to transmit an...

[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-3.fc42

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

Lightweight Fault Detection Architecture for NTT on FPGA

Post-Quantum Cryptographic PQC algorithms are mathematically secure and resistant to quantum attacks but can still leak sensitive information in hardware implementations due to natural faults or intentional fault injections. The intent fault injection in side-channel attacks reduces the reliabili...

Enhanced Deep Learning DeepFake Detection Integrating Handcrafted Features

The rapid advancement of deepfake and face swap technologies has raised significant concerns in digital security, particularly in identity verification and onboarding processes. Conventional detection methods often struggle to generalize against sophisticated facial manipulations. This study...

Characterizing the Sensitivity to Individual Bit Flips in Client-Side Operations of the CKKS Scheme

Homomorphic Encryption HE enables computation on encrypted data without decryption, making it a cornerstone of privacy-preserving computation in untrusted environments. As HE sees growing adoption in sensitive applications such as secure machine learning and confidential data analysis ensuring it...

Fairness-Aware Secure Integrated Sensing and Communications with Fractional Programming

We propose a novel secure integrated sensing and communications ISAC system designed to serve multiple communication users CUs and targets. To that end, we formulate an optimization problem that maximizes the secrecy rate under constraints balancing both communication and sensing requirements. To...

SUSE-SU-2025:20493-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc123898...

Breaking a 5-Bit Elliptic Curve Key Using a 133-Qubit Quantum Computer

This experiment breaks a 5-bit elliptic curve cryptographic key using a Shor-style quantum attack. Executed on IBM's 133-qubit ibmtorino with Qiskit Runtime 2.0, a 15-qubit circuit, comprised of 10 logical qubits and 5 ancilla, interferes over an order-32 elliptic curve subgroup to extract the...

AZL-75182 CVE-2025-7425 affecting package libxml2 for versions less than 2.10.4-10

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

Detection of Intelligent Tampering in Wireless Electrocardiogram Signals Using Hybrid Machine Learning

With the proliferation of wireless electrocardiogram ECG systems for health monitoring and authentication, protecting signal integrity against tampering is becoming increasingly important. This paper analyzes the performance of CNN, ResNet, and hybrid Transformer-CNN models for tamper detection. ...

MAL-2025-5519 Malicious code in sdp-transform-grammar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26ec9a8ad7301b26c32473ba504289ab4b40d221d1de8d91e2d7119ab847b102 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sdp-transform-grammar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26ec9a8ad7301b26c32473ba504289ab4b40d221d1de8d91e2d7119ab847b102 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SecONNds: Secure Outsourced Neural Network Inference on ImageNet

The widespread adoption of outsourced neural network inference presents significant privacy challenges, as sensitive user data is processed on untrusted remote servers. Secure inference offers a privacy-preserving solution, but existing frameworks suffer from high computational overhead and...

Animating zooming using CSS: transform order is important… sometimes

I was using Discord the other day. I tapped to zoom into an image, and it animated in an odd way that I'd seen before. Like this: Notice how it kinda 'swoops' into the wildcat's face, rather than zooming straight in? See how the right-hand side of the cat's head goes out-of-frame, and then back i...

Firefox JavaScript Use-After-Free

Firefox has an issues where JavaScript can run during XSLTProcessor transform, leading to a use-after-free condition...

ME: Trigger Element Combination Backdoor Attack on Copyright Infringement

The capability of generative diffusion models DMs like Stable Diffusion SD in replicating training data could be taken advantage of by attackers to launch the Copyright Infringement Attack, with duplicated poisoned image-text pairs. SilentBadDiffusion SBD is a method proposed recently, which shew...

Learning Obfuscations of LLM Embedding Sequences: Stained Glass Transform

The high cost of ownership of AI compute infrastructure and challenges of robust serving of large language models LLMs has led to a surge in managed Model-as-a-service deployments. Even when enterprises choose on-premises deployments, the compute infrastructure is typically shared across many tea...