Lucene search
K

42 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-45063

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01768EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.5 views

PT-2025-28952 · Ruckus +1 · Smartzone +2

Name of the Vulnerable Software and Affected Versions: RUCKUS SmartZone SZ versions prior to 6.1.2p3 Refresh Build Description: RUCKUS SmartZone SZ is susceptible to a directory traversal issue that allows unauthorized access to files. The issue is caused by insufficient validation of user-suppli...

5CVSS8.7AI score0.00735EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.11 views

CVE-2022-41956

Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A file disclosure vulnerability was discovered in Autolab's remote handin feature,...

6.5CVSS7AI score0.01768EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/04/11 12:0 a.m.221 views

CMU CERT/CC VINCE 2.0.6 - Stored XSS

Exploit Tile: CMU CERT/CC VINCE 2.0.6 - Stored XSS Vendor: Carnegie Mellon University Product web page: https://www.kb.cert.org/vince/ Affected version: -H "Cookie: sessionid=xxxx" \ -d 'content="ZSL%0A%0A&csrfmiddlewaretoken=xxx&paginateby=10&replyto=xxxxx'...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/02/10 12:0 a.m.264 views

CMU CERT/CC VINCE v2.0.6 Stored XSS

Summary VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform. Description The framework suffers from an authenticated stored cross-site scripting...

6AI score
Exploits0
Kitploit
Kitploit
added 2023/09/17 11:30 a.m.35 views

Promptmap - Automatically Tests Prompt Injection Attacks On ChatGPT Instances

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions. promptmap is a tool that automatically tests prompt...

7.3AI score
Exploits0References3
Cvelist
Cvelist
added 2023/01/14 12:9 a.m.37 views

CVE-2022-41955 Autolab is vulnerable to remote code execution (RCE) via MOSS functionality

Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University, that enables instructors to offer autograded programming assignments to their students over the Web. A remote code execution vulnerability was discovered in Autolab's MOSS functionalit...

8.8CVSS9.2AI score0.01495EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2022/06/09 4:39 p.m.22 views

New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system "leverages an...

0.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2020/12/17 10:0 p.m.35 views

Collaborative innovation on display in Microsoft’s insider risk management strategy

The disrupted work environment, in which enterprises were forced to find new ways to enable their workforce to work remotely, changed the landscape for operations as well as security. One of the top areas of concern is managing insider risks, a complex undertaking even before the pandemic, and ev...

0.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/12/17 10:0 p.m.34 views

Collaborative innovation on display in Microsoft’s insider risk management strategy

The disrupted work environment, in which enterprises were forced to find new ways to enable their workforce to work remotely, changed the landscape for operations as well as security. One of the top areas of concern is managing insider risks, a complex undertaking even before the pandemic, and ev...

0.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2019/05/01 9:59 p.m.28 views

The Air Force Will Embed Airmen at Carnegie Mellon University

Air Force Secretary Heather Wilson expounds on surveillance, drones, and the cutting edge of plane-painting...

3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2018/05/17 6:29 p.m.65 views

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site

LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site -- without the need for any password or other form of authentication or...

7AI score
Exploits0
Kitploit
Kitploit
added 2017/09/19 9:0 p.m.55 views

Pharos - Static Binary Analysis Framework

The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National...

7.8AI score
Exploits0References4
n0where
n0where
added 2017/09/06 3:41 a.m.44 views

Pharos Static Binary Analysis Framework

The Pharos static binary analysis framework is a project of the Software Engineering Institute at Carnegie Mellon University. The framework is designed to facilitate the automated analysis of binary programs. It uses the ROSE compiler infrastructure developed by Lawrence Livermore National...

7.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2016/12/13 4:25 p.m.23 views

Beta Firmware Updates Available for Vulnerable Netgear Routers

Netgear has begun pushing out beta versions of firmware updates that will address a critical vulnerability that was disclosed late last week. The networking vendor also confirmed that many more routers in its Nighthawk line are vulnerable than originally reported. The flaw allows attackers to car...

0.2AI score
Exploits8References5
The Hacker News
The Hacker News
added 2016/03/29 6:12 p.m.14 views

FBI is fighting back against Judge's Order to reveal TOR Exploit Code

Last month, the Federal Bureau of Investigation FBI was ordered to reveal the complete source code for the TOR exploit it used to hack visitors of the world’s largest dark web child pornography site, PlayPen. Robert J. Bryan, the federal judge, ordered the FBI to hand over the TOR browser exploit...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2016/02/25 10:51 a.m.12 views

Judge Confirms CMU Paid to Break Tor

A U.S. district court judge has confirmed what has probably been the worst-kept secret in security, that Carnegie Mellon University’s Software Engineering Institute was indeed contracted by the Department of Defense to study how to break Tor anonymity. A motion to compel discovery filed by Brian...

7AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/01/04 11:45 a.m.16 views

Tor to Launch Bug Bounty Program in 2016

The Tor Project announced last week that it will launch a bug bounty program later this year to encourage security researchers to responsibly report issues they find in the software. Tor Browser and Tor Performance Developer Mike Perry announced the news during the “State of the Onion” address la...

7.6AI score
Exploits0References7
ThreatPost
ThreatPost
added 2015/11/18 2:55 p.m.15 views

Carnegie Mellon Says It Was Subpoenaed-And Not Paid-For Research On Breaking Tor

Carnegie Mellon University today implied in a statement that it was served with a subpoena to hand over research related to unmasking the identity of users on the Tor network, and that it was not paid $1 million by the FBI for doing so, as alleged by the Tor Project. The statement, released short...

7.1AI score
Exploits0References5
The Hacker News
The Hacker News
added 2015/11/14 12:2 a.m.12 views

FBI denies paying $1 MILLION to Unmask Tor Users

Just day before yesterday, the Tor Project Director Roger Dingledine accused the FBI of paying the Carnegie Mellon University CMU at least $1 Million to disclose the technique they had discovered to unmask Tor users and reveal their IP addresses. However, the Federal Bureau of Investigation has...

7AI score
Exploits0
Rows per page
Query Builder