91 matches found
Reconstruction of Personally Identifiable Information from Supervised Finetuned Models
Supervised Finetuning SFT has become one of the primary methods for adapting a large language model LLM with extensive pre-trained knowledge to domain-specific, instruction-following tasks. SFT datasets, composed of instruction-response pairs, often include user-provided information that may...
CVE-2026-40684
In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...
CVE-2026-40684
In Exim before 4.99.2, on systems using musl libc not glibc, an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dnexpand oddity in octal printing...
Unspecified Vulnerability in Google Chrome (CNVD-2026-17821)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security vulnerability that stems from insufficient policy enforcement in the Passwords component, which can be exploited by an attacker to disclose cross-domain data via specially crafted HTML pages...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.178 contained a security vulnerability, which was caused by improper implementation of the ANGLE component. This vulnerability could allow remote attackers to exploit the system by leaking...
CVE-2026-31832
Umbraco is an ASP.NET CMS. From 14.0.0 to before 16.5.1 and 17.2.2, A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by...
Google Chrome Security Bypass Vulnerability (CNVD-2026-16148)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...
Google Chrome Information Disclosure Vulnerability (CNVD-2026-16150)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability that can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via a backpoffice API endpoint. An attacker can modify domain-related data on content nodes without proper authorization by making crafted API calls as an authenticated user, even when...
Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Description A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by insufficient authorization enforcement on the affected API...
GHSA-FPVF-FVP5-996R Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Description A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by insufficient authorization enforcement on the affected API...
CVE-2026-31832 Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Umbraco is an ASP.NET CMS. From 14.0.0 to before 16.5.1 and 17.2.2, A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by...
CVE-2026-31832
Umbraco (ASP.NET CMS) has a broken object-level authorization vulnerability in backoffice API endpoints affecting 14.0.0–before 16.5.1 and 17.2.2. An authenticated user can assign domain-related data to content nodes without proper authorization checks due to insufficient enforcement on the affec...
CVE-2026-31832 Umbraco Backoffice API Allows Unauthorized Modification of Domain Data
Umbraco is an ASP.NET CMS. From 14.0.0 to before 16.5.1 and 17.2.2, A broken object-level authorization vulnerability exists in a backoffice API endpoint that allows authenticated users to assign domain-related data to content nodes without proper authorization checks. The issue is caused by...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from an information disclosure vulnerability that can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to disclose cross-domain data via specially crafted HTML pages...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 145.0.7632.45 contained a security vulnerability, which was caused by improper implementation of Animation. This vulnerability could allow cross-domain data to be leaked through specially...
xrdp security vulnerabilities
XRDPT is an open-source remote desktop protocol server developed by Neutrinolabs. Versions of XRDPT prior to v0.10.5 contained security vulnerabilities. These vulnerabilities stemmed from improper boundary checking when processing user domain information, which could lead to stack-based buffer...
CVE-2017-18404
cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD SEC-341...
CVE-2023-43041
IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808...