21006 matches found
Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by a vulnerability in spring-web-6.2.3.jar(CVE-2025-41234)
Summary IBM Sterling Connect:Direct Web Services is vulnerable to a reflected file download RFD attack in spring-web-6.2.3. This has been addressed in new fixpacks available from Fix Central. Vulnerability Details CVEID:CVE-2025-41234 DESCRIPTION: Description In Spring Framework, versions 6.0.x a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414622)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414622 advisory. An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to...
Directory Traversal
Overview clearml is a ClearML - Auto-Magical Experiment Manager, Version Control, and MLOps for AI Affected versions of this package are vulnerable to Directory Traversal via the safeextract function. An attacker can write arbitrary files outside the intended directory by exploiting improper...
Directory Traversal
Overview zenml is a ZenML: Write production-ready ML code. Affected versions of this package are vulnerable to Directory Traversal via the load function in the PathMaterializer class during extraction of data.tar.gz archives. An attacker can overwrite arbitrary files, potentially leading to comma...
RLSA-2025:7427 Low: xterm security update
The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: code execution via OSC 50 input sequences CVE-2022-45063 For more details about the securi...
xterm security update
An update is available for xterm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The xterm program is a terminal emulator for the X Window System. It provides D...
RockyLinux 9 : xterm (RLSA-2025:7427)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7427 advisory. xterm: code execution via OSC 50 input sequences CVE-2022-45063 Tenable has extracted the preceding description block directly from the RockyLinux security...
PT-2025-40524
Name of the Vulnerable Software and Affected Versions TRUfusion Enterprise versions through 7.10.4.0 Description The application does not properly sanitize input to the /trufusionPortal/getCobrandingData endpoint, allowing path traversal sequences to be included. This can be used to read any loca...
NEXUS: Network Exploration for EXploiting Unsafe Sequences in Multi-Turn LLM Jailbreaks
Large Language Models LLMs have revolutionized natural language processing but remain vulnerable to jailbreak attacks, especially multi-turn jailbreaks that distribute malicious intent across benign exchanges and bypass alignment mechanisms. Existing approaches often explore the adversarial space...
LegalSim: Multi-Agent Simulation of Legal Systems for Discovering Procedural Exploits
We present LegalSim, a modular multi-agent simulation of adversarial legal proceedings that explores how AI systems can exploit procedural weaknesses in codified rules. Plaintiff and defendant agents choose from a constrained action space for example, discovery requests, motions, meet-and-confer,...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...