
1634 matches found

Citrix
added 2025/06/03 12:0 a.m. | 13 views

ADC-13.1-Rate limit gets hit unexpectedly when a rate limit identifier is used in different policies

When we invoke one rate limit identifier from different policies, the rate limit gets hit unexpectedly. The example config is as below:
add stream selector IPURLSelector HTTP.REQ.URL CLIENT.IP.SRC
add ns limitIdentifier LIMITIPURL -threshold 3 -selectorName IPURLSelector
add audit messageaction...

7.1 AI score
Exploits: 0
Packet Storm News
added 2025/06/01 12:0 a.m. | 3 views

Developing a Risk Identification Framework for Foundation Model Uses

As foundation models grow in both popularity and capability, researchers have uncovered a variety of ways that the models can pose a risk to the model's owner, user, or others. Despite the efforts of measuring these risks via benchmarks and cataloging them in AI risk taxonomies, there is little...

6.8 AI score
Exploits: 0
Packet Storm News
added 2025/05/30 12:0 a.m. | 7 views

Asymmetry by Design: Boosting Cyber Defenders with Differential Access to AI

As AI-enabled cyber capabilities become more advanced, we propose "differential access" as a strategy to tilt the cybersecurity balance toward defense by shaping access to these capabilities. We introduce three possible approaches that form a continuum, becoming progressively more restrictive for...

6.8 AI score
Exploits: 0
RedHat Linux
added 2025/05/29 7:32 p.m. | 4 views

thunderbird: Sender Spoofing via Malformed From Header in Thunderbird

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an invalid From address to be used. For example, if the From header contains an invalid value "Spoofed Name [email protected]...

7.5 CVSS | 7.2 AI score | 0.00309 EPSS
Exploits: 0 | References: 5
Microsoft Secure
added 2025/05/29 4:0 p.m. | 16 views

How to deploy AI safely

In this blog you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer (CISO) for AI, Yonatan Zunger, about how to build a plan to deploy AI safely. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most importa...

7.6 AI score
Exploits: 0
RedhatCVE
added 2025/05/23 8:7 a.m. | 3 views

CVE-2024-45498

Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...

8.8 CVSS | 8.8 AI score | 0.01237 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 4:54 a.m. | 6 views

CVE-2023-2686

Buffer overflow in Wi-Fi Commissioning MicriumOS example in Silicon Labs Gecko SDK v4.2.3 or earlier allows connected device to write payload onto the stack...

9.8 CVSS | 7.2 AI score | 0.00764 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/23 3:17 a.m. | 5 views

CVE-2023-23205

An issue was discovered in lib60870 v2.3.2. There is a memory leak in lib60870/lib60870-C/examples/multiclientserver/multiclientserver.c...

5.5 CVSS | 6.9 AI score | 0.00241 EPSS
Exploits: 1 | References: 1
RedhatCVE
added 2025/05/23 3:11 a.m. | 3 views

CVE-2023-23595

BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...

7.5 CVSS | 7.5 AI score | 0.00954 EPSS
Exploits: 1 | References: 1
Packet Storm News
added 2025/05/23 12:0 a.m. | 2 views

JALMBench: Benchmarking Jailbreak Vulnerabilities in Audio Language Models

Whitepaper called JALMBench: Benchmarking Jailbreak Vulnerabilities In Audio Language Models...

7 AI score
Exploits: 0
RedhatCVE
added 2025/05/22 3:18 p.m. | 5 views

CVE-2020-20490

A heap buffer-overflow in the clientexample1.c component of libieciccpmod v1.5 leads to a denial of service (DoS)...

7.5 CVSS | 6.8 AI score | 0.01037 EPSS
Exploits: 1
OSSF Malicious Packages
added 2025/05/22 12:46 p.m. | 3 views

Malicious code in hypernova-simple-example (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits: 0
OSV
added 2025/05/22 12:46 p.m. | 2 views

MAL-2025-4182 Malicious code in hypernova-simple-example (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1 AI score
Exploits: 0
RedhatCVE
added 2025/05/22 8:33 a.m. | 4 views

CVE-2019-17377

cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC-524)...

6.1 CVSS | 6.1 AI score | 0.00785 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 8:21 a.m. | 3 views

CVE-2019-1010300

mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: serverexamplecomplexarray. The attack vector is: Send a specific MMS protocol packet...

7.5 CVSS | 7 AI score | 0.01326 EPSS
Exploits: 1 | References: 1
OSSF Malicious Packages
added 2025/05/18 10:20 p.m. | 2 views

Malicious code in example-marko-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 553d816403e5dd786bafbe39f79c521cc2e5bd1917b425aefd7d5f34c96400b6 The OpenSSF Package Analysis project identified 'example-marko-webpack' @ 100.0.2 npm as malicious. It is considered malicious because: - The...

7.2 AI score
Exploits: 0
OSV
added 2025/05/18 10:20 p.m. | 3 views

MAL-2025-3950 Malicious code in example-marko-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 553d816403e5dd786bafbe39f79c521cc2e5bd1917b425aefd7d5f34c96400b6 The OpenSSF Package Analysis project identified 'example-marko-webpack' @ 100.0.2 npm as malicious. It is considered malicious because: - The...

7.4 AI score
Exploits: 0
OSV
added 2025/05/16 2:10 p.m. | 3 views

GHSA-QHR6-MGQR-MCHM Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Impact: `concat` may skip evaluation of side effects when the length of an argument is zero. This is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is zero:...

6.3 CVSS | 6.8 AI score | 0.00371 EPSS
Exploits: 0 | References: 5
Snyk
added 2025/05/15 4:21 p.m. | 3 views

Cross-site Scripting (XSS)

Overview: label-studio is a Label Studio annotation tool. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the labelconfig parameter in labelstudio/projects/views.py. An attacker can execute arbitrary scripts in the context of the user's browser by sending malicious...

9.3 CVSS | 5.6 AI score | 0.00451 EPSS
Exploits: 1 | References: 2
OSSF Malicious Packages
added 2025/05/15 5:41 a.m. | 4 views

Malicious code in guardian-advanced-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13770fcd17968777cc4e0cab25b94ac990143f0e65b24dd910678e9b3f677539 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 1