8 matches found
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Various generative artificial intelligence GenAI services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which...
CVE-2024-10722
A stored cross-site scripting XSS vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into the 'Description' field of custom fields in the 'IP RELATED MANAGEMENT' section. This can lead to data theft, account compromise, distributi...
Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security
This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation, and sensitive data theft...
PT-2023-29720 · Unknown · Leadsquared Suite
Name of the Vulnerable Software and Affected Versions: LeadSquared Suite plugin versions 0.7.4 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects authenticated administrators. This vulnerability allows for malicious scripts to be stored o...
Update Protections against Recent Malware Threats (7-Nov-07)
Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network...
Invision Community Blog 1.0/1.1 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/13910/info Multiple input validation vulnerabilities reportedly affect Invision Community Blog. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions. The first issue ...
Claroline E-Learning 1.5/1.6 - 'exercises_details.php?exo_id' SQL Injection
source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical application...
IkonBoard 3.x - Multiple SQL Injections
source: https://www.securityfocus.com/bid/11982/info Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit these issues ...