7 matches found
SkillScope: Toward Fine-Grained Least-Privilege Enforcement for Agent Skills
Agent Skills have become a practical way to extend LLM agents by packaging metadata, natural-language instructions, and executable resources into reusable capability bundles. However, this growing Skill ecosystem introduces a new compliance risk: a Skill may perform high-impact actions that excee...
CVE-2021-39775
In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-17506
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...
Google Android Information Disclosure Vulnerability (CNVD-2025-00305)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. There is a security vulnerability in Android. An attacker can use this vulnerability to bypass privilege detection with the help of WiFi broadcasting and disclose information abou...
Atlassian Fisheye and Crucible Information Disclosure Vulnerability (CNVD-2018-05564)
Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A security vulnerability exists in the /rest/review-coverage-chart/1.0/data/.json resourc...
CloudBees GitHub Branch Source plugin enumeration vulnerability
CloudBees GitHub Branch Source plugin is the U.S. CloudBees company's Jenkins Java-based development of continuous integration tools in a GitHub branch plugin . The CloudBees GitHub Branch Source plugin suffers from an enumeration vulnerability that stems from the program failing to detect...
Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation
Title Ninja privilege escalation detection and prevention system race condition Author Ben 'highjack' Sheppard URL http://highjack.github.io/ Description There is a small delay between the time of execution of a command and the time privelege escalation is detected. It is therefore possible to us...