Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A memory misreference vulnerability exists in the Huawei HarmonyOS screen recording framework module, which can be exploited by attackers to affect...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS App Lock module, which can be exploited by attackers to affect availability...

An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical cyber hygiene measure. However, password update processe...

EUVD-2025-74037

It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account...

CVE-2025-8998

It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account...

Explaining Software Vulnerabilities with Large Language Models

The prevalence of security vulnerabilities has prompted companies to adopt static application security testing SAST tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic warning messages do not sufficiently communicate important...

[SECURITY] Fedora 43 Update: Thunar-4.20.6-1.fc43

Thunar is a new modern file manager for the Xfce Desktop Environment. It has been designed from the ground up to be fast and easy-to-use. Its user interfa ce is clean and intuitive, and does not include any confusing or useless options. Thunar is fast and responsive with a good start up time and...

You asked, we delivered: Introducing new features for an improved security experience

At the Microsoft Security Response Center MSRC, your feedback drives our innovation. Every enhancement we deliver starts with listening to the security community and our customers. Based on your input, we’ve introduced three new features designed to make your experience more efficient, transparen...

Real-World Usability of Vulnerability Proof-Of-Concepts: A Comprehensive Study

The Proof-of-Concept PoC for a vulnerability is crucial in validating its existence, mitigating false positives, and illustrating the severity of the security threat it poses. However, research on PoCs significantly lags behind studies focusing on vulnerability data. This discrepancy can be...

EUVD-2018-4206

Malware in sbrugna...

EUVD-2021-25599

Malware in sbrugna...

EUVD-2022-5380

Malicious code in bioql PyPI...

A Hybrid CAPTCHA Combining Generative AI with Keystroke Dynamics for Enhanced Bot Detection

Completely Automated Public Turing tests to tell Computers and Humans Apart CAPTCHAs are a foundational component of web security, yet traditional implementations suffer from a trade-off between usability and resilience against AI-powered bots. This paper introduces a novel hybrid CAPTCHA system...

SUSE CVE-2025-39802

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b "crypto: arm/poly1305 - Add block-only interface". This safety check is cheap and is...

DEBIAN-CVE-2025-39804

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...

CVE-2025-39802

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b "crypto: arm/poly1305 - Add block-only interface". This safety check is cheap and is...

CVE-2025-39804

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...

CVE-2025-39804

CVE-2025-39804 pertains to the Linux kernel (arm64) where lib/crypto/poly1305 could corrupt SIMD/general-purpose registers in no-SIMD contexts, potentially producing incorrect MACs. The fix restores a safety check to ensure Poly1305 calls do not rely on unusable SIMD state, using may_use_simd() i...

CVE-2025-39804 lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...

CVE-2025-39802 lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b "crypto: arm/poly1305 - Add block-only interface". This safety check is cheap and is...