52 matches found
The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...
SUSE-SU-2026:2695-1 Security update for nodejs22
This update for nodejs22 fixes the following issues: - CVE-2026-48618: tls: normalize hostname for server identity checks bsc1268593. - CVE-2026-48933: crypto: guard WebCrypto cipher output length bsc1268592. - CVE-2026-48615: lib,test: redact proxy credentials in tunnel errors bsc1268598. -...
Genesis: Evolving Attack Strategies for LLM Web Agent Red-Teaming
As large language model LLM agents increasingly automate complex web tasks, they boost productivity while simultaneously introducing new security risks. However, relevant studies on web agent attacks remain limited. Existing red-teaming approaches mainly rely on manually crafted attack strategies...
EUVD-2015-6789
Malware in sbrugna...
EUVD-2003-0931
Malware in sbrugna...
EUVD-2003-0932
Malware in sbrugna...
EUVD-2003-1485
Malware in sbrugna...
EUVD-2017-5880
Malware in sbrugna...
EUVD-2024-36103
Malicious code in bioql PyPI...
CVE-2003-0942
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa...
CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser...
CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser...
Broadcom Symantec SiteMinder Security Vulnerability
Broadcom Symantec SiteMinder is an identity provider and federation system from Broadcom, Inc. Provides access to web applications and portals. A security vulnerability exists in Broadcom Symantec SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server, which stems...
CVE-2015-7961
SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...
RSA Authentication Agent for Web for Apache Installed
Binary data rsaauthenticationagentforwebapachedetect.nbin...
CA Single Sign-On non-Domino Web Proxy Denial of Service Vulnerability
CA Single Sign-On is a suite of software for secure access to Web applications via single sign-on from CA USA. A security vulnerability exists in CA Single Sign-On's Domino Web Agent. A remote attacker could exploit the vulnerability by sending a specially crafted request to cause a denial of...
Cross site request forgery (csrf)
The Domino web agent in CA Single Sign-On aka SSO, formerly SiteMinder R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service daemon crash or obtain sensitive information via a crafted...
CVE-2015-6853
Technical details about CVE-2015-6853 are not publicly provided in the supplied documents; sources largely reiterate the vulnerability exists and can cause DoS or information disclosure. Monitor for updates.
CVE-2015-6853
The Domino web agent in CA Single Sign-On aka SSO, formerly SiteMinder R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service daemon crash or obtain sensitive information via a crafted...
Code injection
EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector...