Watermarking Quantum Neural Networks Based on Sample Grouped and Paired Training

Quantum neural networks QNNs leverage quantum computing to create powerful and efficient artificial intelligence models capable of solving complex problems significantly faster than traditional computers. With the fast development of quantum hardware technology, such as superconducting qubits,...

InverTune: Removing Backdoors from Multimodal Contrastive Learning Models Via Trigger Inversion and Activation Tuning

Multimodal contrastive learning models like CLIP have demonstrated remarkable vision-language alignment capabilities, yet their vulnerability to backdoor attacks poses critical security risks. Attackers can implant latent triggers that persist through downstream tasks, enabling malicious control ...

Screen Hijack: Visual Poisoning of VLM Agents in Mobile Environments

With the growing integration of vision-language models VLMs, mobile agents are now widely used for tasks like UI automation and camera-based user assistance. These agents are often fine-tuned on limited user-generated datasets, leaving them vulnerable to covert threats during the training process...

CVE-2022-49963

The CVE-2022-49963 entry describes a Linux kernel issue in drm/i915/ttm CCS handling. Root cause: in migrate_copy(), plain integer arithmetic can overflow when handling large objects; emitting PTEs uses the full object size, and copies fail because only a few fixed-size windows exist for mapping ...

CVE-2022-49963 drm/i915/ttm: fix CCS handling

In the Linux kernel, the following vulnerability has been resolved: drm/i915/ttm: fix CCS handling Crucible + recent Mesa seems to sometimes hit: GEMBUGONnumccsblks NUMCCSBLKSPERXFER And it looks like we can also trigger this with gemlmemswapping, if we modify the test to use slightly larger obje...

CVE-2025-38066

In the Linux kernel, the following vulnerability has been resolved: dm cache: prevent BUGON by blocking retries on failed device resumes A cache device failing to resume due to mapping errors should not be retried, as the failure leaves a partially initialized policy object. Repeating the resume...

The vulnerability of the sub_41619C() function in NETGEAR EX3700 router microprogramming software allows a hacker to induce a service failure.

The vulnerability of the sub41619C function in NETGEAR EX3700 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted GET request remotely...

CVE-2025-25215 Dell ControlVault3/ControlVault3 Plus cv_close arbitrary free vulnerability

An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an arbitrary free. An attacker can forge a fake session to trigger this vulnerability...

UBUNTU-CVE-2025-22236

Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions = 3007.0...

TooBadRL: Trigger Optimization to Boost Effectiveness of Backdoor Attacks on Deep Reinforcement Learning

Deep reinforcement learning DRL has achieved remarkable success in a wide range of sequential decision-making domains, including robotics, healthcare, smart grids, and finance. Recent research demonstrates that attackers can efficiently exploit system vulnerabilities during the training phase to...

Denial Of Service (DoS)

github.com/pion/interceptor is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation in the RTP packet factory that fails to correctly validate padding length, allowing crafted RTP packets to trigger a panic in Pion-based SFUs...

CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)

Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...

UBUNTU-CVE-2025-47712

A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service...

Vulnerability of the rockchip_saradc_trigger_handler() function in the drivers/iio/adc/rockchip_saradc.c module – This driver supports various types of built-in sensors in the Linux operating system. An attacker could exploit this vulnerability to gain access to protected information or cause service failures.

Vulnerability of the rockchipsaradctriggerhandler function in the drivers/iio/adc/rockchipsaradc.c module – The drivers for supporting various types of embedded sensors in the Linux operating system rely on the use of uninitialized resources. Exploiting this vulnerability could allow an attacker ...

OESA-2025-1601 pam security update

PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by...

The vulnerability of the fbdev component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the fbdev component in the Linux operating system’s kernel is related to a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the btrfs component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the simulation_jalr() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the simulationjalr function in the Linux operating system’s kernel is related to parallel execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

Which Factors Make Code LLMs More Vulnerable to Backdoor Attacks? A Systematic Study

Code LLMs are increasingly employed in software development. However, studies have shown that they are vulnerable to backdoor attacks: when a trigger a specific input pattern appears in the input, the backdoor will be activated and cause the model to generate malicious outputs. Researchers have...

SUSE CVE-2025-37999

In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofsonlinefoliosplit after bioaddfolio If bioaddfolio fails because it is full, erofsfileioscanfolio needs to submit the I/O request via erofsfileiorqsubmit and allocate a new I/O request with an empty stru...