19 matches found
Securing AI Agents against Prompt Injection Attacks
Retrieval-augmented generation RAG systems have become widely used for enhancing large language model capabilities, but they introduce significant security vulnerabilities through prompt injection attacks. We present a comprehensive benchmark for evaluating prompt injection risks in RAG-enabled A...
EUVD-2022-7279
Malicious code in bioql PyPI...
EUVD-2022-4271
Malicious code in bioql PyPI...
RLSA-2025:3113 Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: jinja2: Jinja sandbox breakout through attr filter selecting format...
Moderate: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: setuptools: Path Traversal Vulnerability in setuptools PackageIndex...
Securing Agentic AI: How to Protect the Invisible Identity Access
AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible"...
Securing AI Agents with Information-Flow Control
As AI agents become increasingly autonomous and capable, ensuring their security against vulnerabilities such as prompt injection becomes critical. This paper explores the use of information-flow control IFC to provide security guarantees for AI agents. We present a formal model to reason about t...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks — like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask: Are...
Data Leaks and AI Agents: Why Your APIs Could Be Exposing Sensitive Information
Most organizations are using AI in some way today, whether they know it or not. Some are merely beginning to experiment with it, using tools like chatbots. Others, however, have integrated agentic AI directly into their business procedures and APIs. While both types of organizations are undoubted...
RLSA-2025:0308 Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: fence-agents: Jinja has a sandbox breakout through indirect reference t...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 9. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security...
Important: fence-agents security update
The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: fence-agents: Jinja has a sandbox breakout through indirect reference t...
Important: Red Hat Security Advisory: fence-agents security update
An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update...
SUSE-SU-2022:2326-1 Security update for resource-agents
This update for resource-agents fixes the following issues: - Predictable log file in /tmp in mariadb.in bsc1146691. - Allow aws-vpc-move-ip to specify an interface label to distinguish the IP address bsc1199766 - Implement options to disable DAD and to allow sending NA in the background bsc11961...
resource-agents security and bug fix update
4.1.1-61.4 - Upgrade bundled python-httplib2 to fix CVE-2020-11078 Resolves: rhbz1850992 4.1.1-61.2 - azure-lb: fix redirect issue Resolves: rhbz1850779 4.1.1-61.1 - gcp-vpc-move-vip: add support for multiple alias IPs - sybaseASE: run verify action during start action only - azure-events: handle...
SUSE-SU-2020:14348-1 Security update for resource-agents
This update for resource-agents fixes the following issues: - Fixed multiple vulnerabilities related to unsafe tempfile usage. bsc1146690 bsc1146784 bsc1146785 bsc1146787 - Fixed issues where the ocfmon user was created with a default password bsc1021689, bsc1146687...