6819 matches found
Entropy Bounds Via Hypothesis Testing and Its Applications to Two-Way Key Distillation in Quantum Cryptography
Quantum key distribution QKD achieves information-theoretic security, without relying on computational assumptions, by distributing quantum states. To establish secret bits, two honest parties exploit key distillation protocols over measurement outcomes resulting after the the distribution of...
Characterizing and Modeling the GitHub Security Advisories Review Pipeline
GitHub Security Advisories GHSA have become a central component of open-source vulnerability disclosure and are widely used by developers and security tools. A distinctive feature of GHSA is that only a fraction of advisories are reviewed by GitHub, while the mechanisms associated with this revie...
Microsoft Windows 10 DLL Hijacking Scanner
This PHP class provides a security assessment tool for detecting potential DLL hijacking vulnerabilities on Windows systems. It's designed for educational and defensive security purposes only. that can be exploited on many recent versions of Windows 10, Windows 11, Windows Server 2022...
Deep Learning for Contextualized NetFlow-Based Network Intrusion Detection: Methods, Data, Evaluation and Deployment
Network Intrusion Detection Systems NIDS have progressively shifted from signature-based techniques toward machine learning and, more recently, deep learning methods. Meanwhile, the widespread adoption of encryption has reduced payload visibility, weakening inspection pipelines that depend on...
Persistent Human Feedback, LLMs, and Static Analyzers for Secure Code Generation and Vulnerability Detection
Existing literature heavily relies on static analysis tools to evaluate LLMs for secure code generation and vulnerability detection. We reviewed 1,080 LLM-generated code samples, built a human-validated ground-truth, and compared the outputs of two widely used static security tools, CodeQL and...
GNSS SpAmming: A Spoofing-Based GNSS Denial-Of-Service Attack
GNSSs are vulnerable to attacks of two kinds: jamming i.e. denying access to the signal and spoofing i.e. impersonating a legitimate satellite. These attacks have been extensively studied, and we have a myriad of countermeasures to mitigate them. In this paper we expose a new type of attack:...
Availability Attacks without an Adversary: Evidence from Enterprise LANs
Denial-of-Service DoS conditions in enterprise networks are commonly attributed to malicious actors. However, availability can also be compromised by benign non-malicious insider behavior. This paper presents an empirical study of a production enterprise LAN that demonstrates how routine docking...
Cockpit CMS 0.13.0 Multi-Endpoint Injection Scanner
Cockpit CMS version 0.13.0 multi-endpoint injection scanner. This tool is a defensive security scanner designed to safely assess web application endpoints for potential input-validation and injection weaknesses without executing any commands. It sends non-executable canary payloads through...
CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability
CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...
Inference-Time Backdoors Via Hidden Instructions in LLM Chat Templates
Open-weight language models are increasingly used in production settings, raising new security challenges. One prominent threat in this context is backdoor attacks, in which adversaries embed hidden behaviors in language models that activate under specific conditions. Previous work has assumed th...
Crypto-RV: High-Efficiency FPGA-Based RISC-V Cryptographic Co-Processor for IoT Security
Cryptographic operations are critical for securing IoT, edge computing, and autonomous systems. However, current RISC-V platforms lack efficient hardware support for comprehensive cryptographic algorithm families and post-quantum cryptography. This paper presents Crypto-RV, a RISC-V co-processor...
Hallucination-Resistant Security Planning with a Large Language Model
Large language models LLMs are promising tools for supporting security management tasks, such as incident response planning. However, their unreliability and tendency to hallucinate remain significant challenges. In this paper, we address these challenges by introducing a principled framework for...
Post-Quantum Identity-Based TLS for 5G Service-Based Architecture and Cloud-Native Infrastructure
Cloud-native application platforms and latency-sensitive systems such as 5G Core networks rely heavily on certificate-based Public Key Infrastructure PKI and mutual TLS to secure service-to-service communication. While effective, this model introduces significant operational and performance...
Bypassing AI Control Protocols Via Agent-As-A-Proxy Attacks
As AI agents automate critical workloads, they remain vulnerable to indirect prompt injection IPI attacks. Current defenses rely on monitoring protocols that jointly evaluate an agent's Chain-of-Thought CoT and tool-use actions to ensure alignment with user intent. We demonstrate that these...
Trojan Attacks on Neural Network Controllers for Robotic Systems
Neural network controllers are increasingly deployed in robotic systems for tasks such as trajectory tracking and pose stabilization. However, their reliance on potentially untrusted training pipelines or supply chains introduces significant security vulnerabilities. This paper investigates...
Reading between the Code Lines: On the Use of Self-Admitted Technical Debt for Security Analysis
Static Analysis Tools SATs are central to security engineering activities, as they enable early identification of code weaknesses without requiring execution. However, their effectiveness is often limited by high false-positive rates and incomplete coverage of vulnerability classes. At the same...
Cyber Insurance, Audit, and Policy: Review, Analysis and Recommendations
Cyber insurance, which protects insured organizations against financial losses from cyberattacks and data breaches, can be difficult and expensive to obtain for many organizations. These difficulties stem from insurers difficulty in understanding and accurately assessing the risks that they are...
Mopri - an Analysis Framework for Unveiling Privacy Violations in Mobile Apps
Everyday services of society increasingly rely on mobile applications, resulting in a conflicting situation between the possibility of participation on the one side and user privacy and digital freedom on the other. In order to protect users' rights to informational self-determination, regulatory...
AIDE 0.19.3
AIDE Advanced Intrusion Detection Environment is a free replacement for Tripwiretm. It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms ...
Can Developers Rely on LLMs for Secure IaC Development?
We investigated the capabilities of GPT-4o and Gemini 2.0 Flash for secure Infrastructure as Code IaC development. For security smell detection, on the Stack Overflow dataset, which primarily contains small, simplified code snippets, the models detected at least 71% of security smells when prompt...
Steganographic Information Hiding Via Symmetric Numerical Semigroups
We introduce a steganographic information hiding scheme based on structural properties of numerical semigroups arising from the Frobenius coin problem. Instead of encoding data through representable integers, the proposed protocol embeds information into the gap structure of carefully chosen...
Reference-Free EM Validation Flow for Detecting Triggered Hardware Trojans
Hardware Trojans HTs threaten the trust and reliability of integrated circuits ICs, particularly when triggered HTs remain dormant during standard testing and activate only under rare conditions. Existing electromagnetic EM side-channel-based detection techniques often rely on golden references o...
I Can't Believe It's Not a Valid Exploit
Recently Large Language Models LLMs have been used in security vulnerability detection tasks including generating proof-of-concept PoC exploits. A PoC exploit is a program used to demonstrate how a vulnerability can be exploited. Several approaches suggest that supporting LLMs with additional...
ImpressCMS 1.3.10 Cross Site Scripting
Multiple cross site scripting vulnerabilities exist in ImpressCMS version 1.3.10, including both reflected and persistent cross site scripting. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
phpMemAdmin Cross Site Scripting
A cross site scripting vulnerability exists in phpMemAdmin. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Microweber 1.0.8 Reflected Cross Site Scripting
A reflected cross site scripting vulnerability exists in Microweber CMS version 1.0.8. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
OrangeForum 1.4.0 Open Redirection
An open redirection vulnerability exists in OrangeForum version 1.4.0. The vulnerability allows remote attackers to redirect users to arbitrary external websites. This issue is older research added to the archive...
IlchCMS 2.1.37 Cross Site Scripting
A cross site scripting vulnerability exists in IlchCMS version 2.1.37. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
TWiki 6.0.1 Cross Site Scripting
A cross site scripting vulnerability exists in TWiki version 6.0.1 via the WebSearch functionality. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Flat Nuke 3.1.2 Cross Site Scripting
A cross site scripting vulnerability exists in Flat Nuke version 3.1.2. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
The Bug Genie 3.2.7.1 Cross Site Scripting
A cross site scripting vulnerability exists in The Bug Genie version 3.2.7.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
MyLittleForum 2.3.5 Cross Site Scripting
Multiple Reflected cross site scripting vulnerabilities exist in MyLittleForum version 2.3.5. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Concrete5 5.7.3.1 Cross Site Scripting
Multiple cross site scripting vulnerabilities exist in Concrete5 CMS version 5.7.3.1. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
MailPoet Newsletters 2.6.19 Cross Site Scripting
A cross site scripting vulnerability exists in MailPoet Newsletters WordPress Plugin version 2.6.19. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Subrion CMS 3.2.2 Cross Site Scripting
A cross site scripting vulnerability exists in Subrion CMS version 3.2.2. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Plikli CMS 4.0.0 Blind SQL Injection
A blind SQL injection vulnerability exists in Plikli CMS version 4.0.0. The vulnerability allows remote attackers to execute arbitrary SQL commands and potentially compromise the database. This is older research added to the archive...
Co-RedTeam: Orchestrated Security Discovery and Exploitation with LLM Agents
Large language models LLMs have shown promise in assisting cybersecurity tasks, yet existing approaches struggle with automatic vulnerability discovery and exploitation due to limited interaction, weak execution grounding, and a lack of experience reuse. We propose Co-RedTeam, a security-aware...
phpMoAdmin Cross Site Scripting
A cross site scripting vulnerability exists in phpMoAdmin. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Malware Detection through Memory Analysis
This paper summarizes the research conducted for a malware detection project using the Canadian Institute for Cybersecurity's MalMemAnalysis-2022 dataset. The purpose of the project was to explore the effectiveness and efficiency of machine learning techniques for the task of binary classificatio...
QuietPrint: Protecting 3D Printers against Acoustic Side-Channel Attacks
The 3D printing market has experienced significant growth in recent years, with an estimated revenue of 15 billion USD for 2025. Cyber-attacks targeting the 3D printing process whether through the machine itself, the supply chain, or the fabricated components are becoming increasingly common. One...
Storytlr 1.2.0 Cross Site Scripting
Multiple reflected cross site scripting vulnerabilities exist in Storytlr version 1.2.0. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Plikli CMS 4.0.0 Cross Site Scripting
A cross site scripting vulnerability exists in Plikli CMS version 4.0.0. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Benchmarking Large Language Models for Zero-Shot and Few-Shot Phishing URL Detection
The Uniform Resource Locator URL, introduced in a connectivity-first era to define access and locate resources, remains historically limited, lacking future-proof mechanisms for security, trust, or resilience against fraud and abuse, despite the introduction of reactive protections like HTTPS...
TestLink 1.9.13 Cross Site Scripting
A cross site scripting vulnerability exists in TestLink version 1.9.13. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
Geeklog 2.2.1 Cross Site Scripting
A cross site scripting vulnerability exists in Geeklog CMS version 2.2.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
DF-LoGiT: Data-Free Logic-Gated Backdoor Attacks in Vision Transformers
The widespread adoption of Vision Transformers ViTs elevates supply-chain risk on third-party model hubs, where an adversary can implant backdoors into released checkpoints. Existing ViT backdoor attacks largely rely on poisoned-data training, while prior data-free attempts typically require...
WordPress Google Analyticator Cross Site Scripting
Multiple cross site scripting vulnerabilities exist in Google Analyticator WordPress plugin versions prior to 6.4.9.6. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
The Trigger in the Haystack: Extracting and Reconstructing LLM Backdoor Triggers
Detecting whether a model has been poisoned is a longstanding problem in AI security. In this work, we present a practical scanner for identifying sleeper agent-style backdoors in causal language models. Our approach relies on two key findings: first, sleeper agents tend to memorize poisoning dat...
SysFuSS: System-Level Firmware Fuzzing with Selective Symbolic Execution
Firmware serves as the critical interface between hardware and software in computing systems, making any bugs or vulnerabilities particularly dangerous as they can cause catastrophic system failures. While fuzzing is a promising approach for identifying design flaws and security vulnerabilities,...
Booked Scheduler 2.5.15 Cross Site Request Forgery
A cross site request forgery vulnerability exists in Booked Scheduler version 2.5.15. The vulnerability allows remote attackers to perform unauthorized actions on behalf of authenticated users. This issue is older research added to the archive...