15 matches found
Watermark for LLM-Generated Text
Researchers at Google have developed a watermark for LLM-generated text. The basics are pretty obvious: the LLM chooses between tokens partly based on a cryptographic key, and someone with knowledge of the key can detect those choices. What makes this hard is 1 how much text is required for the...
CVE-2023-21324
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Yokogawa (CVE-2018-8838) (deprecated)
Plugin deprecated because centumcs/vp is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated because...
Mitsubishi (CVE-2020-12009) (deprecated)
Plugin deprecated because mcworks is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated because mcwor...
Rockwell (CVE-2019-13519) (deprecated)
Plugin deprecated because arenasimulation is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated becau...
Mitsubishi (CVE-2020-12011) (deprecated)
Plugin deprecated because mcworks is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated because mcwor...
Schneider (CVE-2013-0687) (deprecated)
Plugin deprecated because micoms1studio is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10. Deprecated because...
UBUNTU-CVE-2019-19959
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...
Vulnerability in OpenSSL - 0-byte record padding oracle
If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...
FreeBSD : OpenSSL -- Padding oracle vulnerability (7700061f-34f7-11e9-b95c-b499baebfeaf)
The OpenSSL project reports : 0-byte record padding oracle CVE-2019-1559 Moderate If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte...
Why WhatsApp's 'Backdoor' Isn't a Backdoor
Accusations that WhatsApp has a backdoor intended for eavesdropping on user messages is being loudly rebuked by Facebook-owned WhatsApp and Open Whisper Systems, the company that developed the underlying encryption technology for the platform. Dismissal of the published claims by The Guardian are...
[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner
FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...
McAfee SaaS MyCioScan ShowReport Remote Command Execution
This module exploits a vulnerability found in McAfee Security-as-a-Service. The ShowReport function located in the myCIOScn.dll ActiveX component fails to check the FileName argument, and passes it on to a ShellExecuteW function, therefore allows any malicious attacker to execute any process that...
Download & Exec polymorphed shellcode Engine
Exploit for generator platform in category shellcode ============================================ Download & Exec polymorphed shellcode Engine ============================================ Download & Exec polymorphed shellcode engine POC This downloading and execution code is not detectable by...
[Full-disclosure] iDEFENSE Security Advisory 10.04.05: UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability
UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.04.05 www.idefense.com/application/poi/display?id=313&type=vulnerabilities October 4, 2005 I. BACKGROUND UW-IMAP is a popular free IMAP service for Linux and UNIX systems and is distributed with various...