CyberExplorer: Benchmarking LLM Offensive Security Capabilities in a Real-World Attacking Simulation Environment

Real-world offensive security operations are inherently open-ended: attackers explore unknown attack surfaces, revise hypotheses under uncertainty, and operate without guaranteed success. Existing LLM-based offensive agent evaluations rely on closed-world settings with predefined goals and binary...

less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

Important: less

Issue Overview: less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation als...

Dell Vnx2 Oe For File 操作系统命令注入漏洞

Dell Vnx2 Oe For File is an operating environment from Dell USA. The Dell Vnx2 Oe For File suffers from an operating system command injection vulnerability that originates from incorrect input validation. A remote attacker could use this vulnerability to send a special request and execute arbitra...

We Can't Afford Not to Secure the Cloud

There have been many disruptive innovations in the history of modern computing, each of them in some way impacting how we create, interact with, deliver, and consume information. The platforms and mechanisms used to process, transport, and store our information likewise endure change, some in...