20 matches found
Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach
The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...
Malicious code in @ml-toolkit-ts/xgboost (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
MAL-2026-3602 Malicious code in @ml-toolkit-ts/xgboost (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=3.0.0.5 <=3.46.0.1) +44 more potentially affected by CVE-2026-3960 via ai.h2o:h2o-core (>=3.0.0.12 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =3.0.0.12, =3.34.0.1, =3.0.0.5, =3.0.0.5, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2026-3960 Source advisory: SNYK:JAVA-AIH2O-16417170...
Hybrid Ensemble Method for Detecting Cyber-Attacks in Water Distribution Systems Using the BATADAL Dataset
The cybersecurity of Industrial Control Systems that manage critical infrastructure such as Water Distribution Systems has become increasingly important as digital connectivity expands. BATADAL benchmark data is a good source of testing intrusion detection techniques, but it presents several...
A Comprehensive Study of Supervised Machine Learning Models for Zero-Day Attack Detection: Analyzing Performance on Imbalanced Data
Among the various types of cyberattacks, identifying zero-day attacks is problematic because they are unknown to security systems as their pattern and characteristics do not match known blacklisted attacks. There are many Machine Learning ML models designed to analyze and detect network attacks,...
Securing IoT Communications Via Anomaly Traffic Detection: Synergy of Genetic Algorithm and Ensemble Method
The rapid growth of the Internet of Things IoT has transformed industries by enabling seamless data exchange among connected devices. However, IoT networks remain vulnerable to security threats such as denial of service DoS attacks, anomalous traffic, and data manipulation due to decentralized...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2025-10769 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2025-10769 Source advisory: SNYK:JAVA-AIH2O-13003701...
Leveraging Machine Learning for Botnet Attack Detection in Edge-Computing Assisted IoT Networks
The increase of IoT devices, driven by advancements in hardware technologies, has led to widespread deployment in large-scale networks that process massive amounts of data daily. However, the reliance on Edge Computing to manage these devices has introduced significant security vulnerabilities, a...
On the Performance of Cyber-Biomedical Features for Intrusion Detection in Healthcare 5.0
Healthcare 5.0 integrates Artificial Intelligence AI, the Internet of Things IoT, real-time monitoring, and human-centered design toward personalized medicine and predictive diagnostics. However, the increasing reliance on interconnected medical technologies exposes them to cyber threats...
Optimizing DDoS Detection in SDNs through Machine Learning Models
The emergence of Software-Defined Networking SDN has changed the network structure by separating the control plane from the data plane. However, this innovation has also increased susceptibility to DDoS attacks. Existing detection techniques are often ineffective due to data imbalance and accurac...
Machine Learning-Based Detection of DDoS Attacks in VANETs for Emergency Vehicle Communication
Vehicular Ad Hoc Networks VANETs play a key role in Intelligent Transportation Systems ITS, particularly in enabling real-time communication for emergency vehicles. However, Distributed Denial of Service DDoS attacks, which interfere with safety-critical communication channels, can severely impai...
Bilateral Differentially Private Vertical Federated Boosted Decision Trees
Federated learning is a distributed machine learning paradigm that enables collaborative training across multiple parties while ensuring data privacy. Gradient Boosting Decision Trees GBDT, such as XGBoost, have gained popularity due to their high performance and strong interpretability. Therefor...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=3.2.0.1 <=3.44.0.3) +34 more potentially affected by CVE-2024-8062 via ai.h2o:h2o-core (>=3.2.0.1 <=3.44.0.3)
ai.h2o:h2o-core MAVEN version =3.2.0.1, =3.34.0.1, =3.2.0.1, =3.2.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.1.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.30.0.1, =3.34.0.3, =3.30.0.1, =3.44.0.3 and more Source cves: CVE-2024-8062 Source advisory: OSV:GHSA-5C8J-G96X-CJ78...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2024-6854 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-6854 Source advisory: SNYK:JAVA-AIH2O-9486740...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS through the runtool command which exposes classes in the water.tools package via the ast parser. An attacker can shut down the server and write large files to arbitrary directories by exploiting the...
ai.h2o:sparkling-water-api-generation_2.11 (>=3.34.0.3-1-2.2 <=3.46.0.6-1-2.4), ai.h2o:sparkling-water-api-generation_2.12 (>=3.34.0.3-1-3.0 <=3.46.0.6-1-3.5) +9 more potentially affected by CVE-2024-10572 via ai.h2o:h2o-ext-xgboost (>=3.34.0.1 <=3.46.0.6)
ai.h2o:h2o-ext-xgboost MAVEN version =3.34.0.1, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.1-1-2.2, =3.34.0.1-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =2.0.0, =2.1.2 Source cves: CVE-2024-10572 Source advisory:...
ai.h2o:sparkling-water-api-generation_2.11 (>=3.34.0.3-1-2.2 <=3.46.0.1-1-2.4), ai.h2o:sparkling-water-api-generation_2.12 (>=3.34.0.3-1-3.0 <=3.46.0.1-1-3.5) +9 more potentially affected by CVE-2024-10572 via ai.h2o:h2o-ext-xgboost (>=3.34.0.1 <=3.46.0.1)
ai.h2o:h2o-ext-xgboost MAVEN version =3.34.0.1, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.1-1-2.2, =3.34.0.1-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =3.34.0.3-1-2.2, =3.34.0.3-1-3.0, =2.0.0, =2.1.1 Source cves: CVE-2024-10572 Source advisory:...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2024-10549 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2024-10549 Source advisory: SNYK:JAVA-AIH2O-9486742...
com.databricks.labs:automl-toolkit (=0.8.1), ml.combust.mleap:mleap-avro_2.12 (>=0.14.0 <=0.23.0) +14 more potentially affected by CVE-2023-5245 via ml.combust.mleap:mleap-runtime_2.12 (>=0.14.0 <=0.23.0)
ml.combust.mleap:mleap-runtime2.12 MAVEN version =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.19.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.19.0, =0.14.0, =0.17.0, =0.23.0 and more Source cves: CVE-2023-5245 Source advisory: OSV:GHSA-897X-XVJ8-42RQ...