1376 matches found
davids-xss-lab
XSS Attack & Defense EXPERIMENT 1: Stored XSS Attack aler...
Missing Validation of OpenSSL Certificate
Overview Affected versions of this package are vulnerable to Missing Validation of OpenSSL Certificate due to the default configuration of DefaultConfig where TLS certificate verification is disabled for outgoing storage driver communications. An attacker can intercept, decrypt, and manipulate al...
Unsafe Dependency Resolution
Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the execglobals parameter in the validate endpoint. An attacker can execute arbitrary cod...
Unauthenticated File Upload in LollMS
Executive Summary A critical security vulnerability has been identified in LollMS that allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint lacks authentication requirements, contradicting the application's documented "Secure...
Exploring the Security Threats of Retriever Backdoors in Retrieval-Augmented Code Generation
Retrieval-Augmented Code Generation RACG is increasingly adopted to enhance Large Language Models for software development, yet its security implications remain dangerously underexplored. This paper conducts the first systematic exploration of a critical and stealthy threat: backdoor attacks...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information...
EUVD-2025-203147
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to read sensitive location information...
CVE-2025-43513
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3. An app may be able to read sensitive location information...
PT-2025-51009
Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.3 macOS versions prior to Sequoia 15.7.3 Description A flaw allowed an application to potentially access sensitive location data. The vulnerable code has been removed in updated versions. Recommendations...
LLM-Based Vulnerable Code Augmentation: Generate or Refactor?
Vulnerability code-bases often suffer from severe imbalance, limiting the effectiveness of Deep Learning-based vulnerability classifiers. Data Augmentation could help solve this by mitigating the scarcity of under-represented CWEs. In this context, we investigate LLM-based augmentation for...
Access Control Bypass
Overview phppgadmin/phppgadmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies, and hosting services. Affected versions of this package are vulnerable to Access Control Bypass via the handling of user-controlled parameters in sql.php. An attacker can...
Denial of Service (DoS)
Amendment This was deemed not a vulnerability. Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Denial of Service DoS due to the omission of calling profiler.stop during the finalization process. An...
thunderbird: firefox: Memory safety bugs
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the PyObjectStealAttrString function. An attacker can execute arbitrary code or cause a crash by passing a dangling pointer to APIs such as PyLongAsLong or PyFloatAsDouble after the reference has been decremented. PoC...
CVE-2025-43389
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data...
CVE-2025-43397
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to cause a denial-of-service...
CVE-2025-43389
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data...
CVE-2025-43389
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. An app may be able to access sensitive user data...
CVE-2025-43397
CVE-2025-43397 is a local-permissions issue affecting Apple macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, and macOS Tahoe 26.1. The underlying problem is described as a permissions issue that was addressed by removing vulnerable code, with the consequence that an app may be able to cause a denial-of...