ChurchCRM version 4.5.3 suffers from a remote SQL injection vulnerability.
4d245e585f1ee50ce2d1767f3c1f045d2aecdea2352fb819e28fc89a56936b48
Red Hat Security Advisory 2023-0951-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
ae6c7f59641b5ad6430a2c59225b66b236fa1df20f0023f7aadec24aeb416b7a
Red Hat Security Advisory 2023-0946-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
03c201bb2ce7568e3362720c1cb0f457937348867d13e7c04e8449c3b355f24f
Red Hat Security Advisory 2023-0979-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
cceceb277223462abb6d840e851432a54db7d60a3f00e607e025d4570c9d34d2
CRYSTALS-Kyber has been selected by the NIST as a public-key encryption and key encapsulation mechanism to be standardized. It is also included in the NSA's suite of cryptographic algorithms recommended for national security systems. This makes it important to evaluate the resistance of CRYSTALS-Kyber’s implementations to side-channel attacks. The unprotected and first-order masked software implementations have been already analysed. In this paper, they present deep learning-based message recovery attacks on the ω-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU for ω ≤ 5. The main contribution is a new neural network training method called recursive learning. In the attack on an ω-order masked implementation, they start training from an artificially constructed neural network M ω whose weights are partly copied from a model M ω−1 trained on the (ω − 1)-order masked implementation, and then extended to one more share. Such a method allows them to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations.
bb8f1a666a9bb3b7ef38e7e61e8980c7e3efb86a13dead4ae283a439aa94aded