
4 matches found

Packet Storm News
added 2025/07/22 12:0 a.m., 5 views

When LLMs Copy to Think: Uncovering Copy-Guided Attacks in Reasoning LLMs

Large Language Models (LLMs) have become integral to automated code analysis, enabling tasks such as vulnerability detection and code comprehension. However, their integration introduces novel attack surfaces. In this paper, we identify and investigate a new class of prompt-based attacks, termed...

AI score: 7.2
Exploits: 0
Prion
added 2023/09/04 11:15 p.m., 33 views

Information disclosure

Parse Server is an open source backend server. In affected versions the Parse Cloud trigger beforeFind is not invoked in certain conditions of Parse.Query. This can pose a vulnerability for deployments where the beforeFind trigger is used as a security layer to modify the incoming query. The...

CVSS: 5, AI score: 7.6, EPSS: 0.00623
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2022/11/10 12:0 a.m., 58 views

CVE-2022-41878 Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the...

CVSS: 7.2, AI score: 9.5, EPSS: 0.00875
Exploits: 0, References: 1
CNNVD
added 2022/11/10 12:0 a.m., 29 views

Parse Server Security Vulnerability

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 4.10.19 or 5.3.2, which stems from an attacker's ability to contaminate prototypes via cloud code web hooks or cloud code...

CVSS: 9.8, AI score: 8.3, EPSS: 0.00875
Exploits: 0, References: 3