438 matches found
Huawei HarmonyOS security vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds access vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause a usability impact...
Unveiling Usability Challenges in Web Privacy Controls
With the increasing concerns around privacy and the enforcement of data privacy laws, many websites now provide users with privacy controls. However, locating these controls can be challenging, as they are frequently hidden within multiple settings and layers. Moreover, the lack of standardizatio...
User-To-PC Authentication through Confirmation on Mobile Devices: on Usability and Performance
Protecting personal computers (PCs) from unauthorized access typically relies on password authentication, which is known to suffer from cognitive burden and weak credentials. As many users nowadays carry mobile devices with advanced security features throughout their day, there is an opportunity to...
CVE-2025-3225
An XML Entity Expansion vulnerability, also known as a 'billion laughs' attack, exists in the sitemap parser of the run-llama/llamaindex repository, specifically affecting version v0.12.21. This vulnerability allows an attacker to supply a malicious Sitemap XML, leading to a Denial of Service (DoS)...
BlowPrint: Blow-Based Multi-Factor Biometrics for Smartphone User Authentication
Biometric authentication is a widely used security mechanism that leverages unique physiological or behavioral characteristics to authenticate users. In multi-factor biometrics (MFB), multiple biometric modalities, e.g., physiological and behavioral, are integrated to mitigate the limitations...
Unspecified vulnerability in Huawei HarmonyOS and EMUI (CNVD-2025-16596)
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...
Huawei HarmonyOS security vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...
SUSE CVE-2025-48056
Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...
Usability of Token-Based and Remote Electronic Signatures: a User Experience Study
As electronic signatures (e-signatures) become increasingly integral to secure digital transactions, understanding their usability and security perception from an end-user perspective has become crucial. This study empirically evaluates and compares two major e-signature systems -- token-based and...
CVE-2023-31854
std::bad_alloc is mishandled in Precomp 0.4.8. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...
CVE-2023-45925
GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain a NULL pointer dereference via the function xerrorhandler at tty/x11conn.c. NOTE: this is disputed because it should be categorized as a usability problem (an X operation silently fails)...
CVE-2023-46048
TeX Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...
One Trigger Token Is Enough: a Defense Strategy for Balancing Safety and Usability in Large Language Models
Large Language Models (LLMs) have been extensively used across diverse domains, including virtual assistants, automated code generation, and scientific research. However, they remain vulnerable to jailbreak attacks, which manipulate the models into generating harmful responses despite safety...
[SECURITY] Fedora 41 Update: epiphany-47.7-1.fc41
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the web content, instead of the browser application...
Drupal Sportsleague security vulnerability
Drupal Sportsleague is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal Sportsleague that stems from a problem with the project file that affects usability...
Drupal UEditor security vulnerability
Drupal UEditor is a module plugin in the Drupal content management system for the Drupal community. A security vulnerability exists in Drupal UEditor that stems from a problem with the project files that affects usability...
Designing a Reliable Lateral Movement Detector Using a Graph Foundation Model
Foundation models have recently emerged as a new paradigm in machine learning (ML). These models are pre-trained on large and diverse datasets and can subsequently be applied to various downstream tasks with little or no retraining. This allows people without advanced ML expertise to build ML...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15557)
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an SVG parsing module exception capture failure, and can be exploited by an attacker to...
Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15556)
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from an SVG parsing module exception capture failure, and can be exploited by an attacker to...