rustfs 安全漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-beta.2 contained a security vulnerability. This vulnerability arises when RUSTFSCORSALLOWEDORIGINS is not set; in such cases, ConditionalCorsLayer reflects the Origin value and sets a relaxed...

DecodingTrust-Agent Platform (DTap): A Controllable and Interactive Red-Teaming Platform for AI Agents

AI agents are increasingly deployed across diverse domains to automate complex workflows through long-horizon and high-stakes action executions. Due to their high capability and flexibility, such agents raise significant security and safety concerns. A growing number of real-world incidents have...

Exploring Robust Intrusion Detection: A Benchmark Study of Feature Transferability in IoT Botnet Attack Detection

Cross-domain intrusion detection remains a critical challenge due to significant variability in network traffic characteristics and feature distributions across environments. This study evaluates the transferability of three widely used flow-based feature sets Argus, Zeek and CICFlowMeter across...

SUSE CVE-2012-4168

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540...

Apple iOS和Apple iPadOS 访问控制错误漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets. An Access Control Error vulnerability exists in WebKit before Apple iOS 15.4 and iPadOS 15.4, which originates from a malicious...

Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. A SOAP API authorization bypass vulnerability exists in Cisco IoT Field Network Director versions prior to 4.6.1. The vulnerability stems from insufficient authorization of the SOAP API. An attack...

November 19, 2020—KB4594441 (OS Build 14393.4048) Out-of-band

November 19, 2020—KB4594441 OS Build 14393.4048 Out-of-band UPDATED 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version 1607 update history...

Cisco IoT Field Network Director 访问控制错误漏洞

Cisco IoT Field Network Director FND is a network management system for large-scale FAN deployments. An access control error vulnerability exists in the user management feature in Cisco IoT Field Network Director versions prior to 4.6.1. An attacker could exploit this vulnerability by manipulatin...

Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain

A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity...

Micro Focus Solutions Business Manager Information Disclosure Vulnerability

Micro Focus Solutions Business Manager SBM is a suite of business process automation management solutions from Micro Focus UK. The solution is primarily used for process automation, including software development lifecycle and IT business process management. A security vulnerability exists in Mic...

Apple Safari Cross-Domain Sensitive Information Disclosure Vulnerability

Apple Safari is an open source WEB browser. A security vulnerability exists in Apple Safari that can be exploited by remote attackers to construct malicious web pages that can be tricked into being parsed by users, and that can be used to obtain cookie information from different domains via a...

Adobe Flash Player and AIR Cross-Domain Information Disclosure Vulnerability (CNVD-2015-04573)

Adobe Flash Player is an integrated multimedia player. Adobe AIR is a technology developed for the integration of web and desktop applications, allowing control of cloud-based programs on the web without having to go through a browser. Adobe Flash Player and AIR have cross-domain information...

CVE-2013-0015

Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS encoding, which allows remote attackers to read content from a different 1 domain or 2 zone via a crafted web site that triggers cross-domain scrolling events, aka "Shift JIS Character Encoding...

PT-2010-4741 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue allows remote attackers to obtain sensitive information via a crafted web site due to improper restriction of script access to content from a different domain or zone. An...

Flash Player cross domain HTTP header flaw

Interaction error between Adobe Flash and multiple Universal Plug and Play UPnP services allow remote attackers to perform Cross-Site Request Forgery CSRF style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the primar...