Lucene search

10 matches found

Packet Storm News
added 2026/05/29 12:0 a.m., 10 views

R+R: Reassessing Java Security API Misuse in Current LLMs: A Replication on JCA and JSSE APIs with External Security Knowledge

The misuse of Java security APIs is a serious security problem in software development. Research in 2024 has shown that this problem is widespread in LLM-generated code. However, it remains unclear whether this phenomenon persists in current models and how external security knowledge affects it...

5.9 AI score
Exploits: 0

Microsoft Secure
added 2025/03/13 4:0 p.m., 4 views

How MSRC coordinates vulnerability research and disclosure while building community

In an era where discovering and rapidly mitigating security vulnerabilities is more important than ever before, the Microsoft Security Response Center (MSRC) is at the center of this work. MSRC focuses on investigating vulnerabilities, coordinating their disclosure, and releasing security updates t...

7.1 AI score
Exploits: 0

CNVD
added 2025/01/17 12:0 a.m., 2 views

WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-11441)

WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. An external configuration control vulnerability exists in the WAVLINK AC3000, which can be exploited by attackers to cause a privilege bypass...

9.1 CVSS, 9.2 AI score, 0.01457 EPSS
Exploits: 1, References: 1

NVD
added 2021/05/18 11:15 a.m., 24 views

CVE-2020-15279

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...

4 CVSS, 0.00474 EPSS
Exploits: 0, References: 1

Prion
added 2021/05/18 11:15 a.m., 16 views

Improper access control

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research...

2.1 CVSS, 4.1 AI score, 0.00474 EPSS
Exploits: 0, References: 1, Affected Software: 1

ThreatPost
added 2016/11/18 12:45 p.m., 16 views

Qualcomm and HackerOne Partner on Bounty Program

Qualcomm kicked off its first bug bounty program Thursday, opening the door for white hat hackers to find flaws in a dozen Snapdragon mobile chipsets and related software. Rewards for the invite-only bug bounty program top $15,000 each. HackerOne will facilitate Qualcomm’s bounty program; the...

0.1 AI score
Exploits: 0, References: 6

ThreatPost
added 2014/09/29 10:22 a.m., 8 views

FBI to Open Up Malware Investigator Portal to External Researchers

SEATTLE–The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others. The system is known as Malware Investigator and is designed to allow FBI agents and...

0.3 AI score
Exploits: 0

ThreatPost
added 2014/07/24 9:1 a.m., 15 views

Bugcrowd Releases Open Source Vulnerability Disclosure Framework

The problems that come from doing security research on modern Web applications and other software aren’t just challenging for researchers, but also for the companies on the receiving end of their advisories. Companies unaccustomed to dealing with researchers can find themselves in a difficult...

7.3 AI score
Exploits: 0, References: 2

Atlassian
added 2013/09/19 6:17 a.m., 21 views

Implement clickjacking protection on https://answers.atlassian.com/

NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report (http://jira.atlassian.com/browse/CONFCLOUD-46884). We received an external security report from Monendra Sahu that https://answers.atlassian.com/ is vulnerable to...

1.1 AI score
Exploits: 0, Affected Software: 1

ThreatPost
added 2011/12/30 2:20 p.m., 13 views

Thinking About Software Security Holistically

While assessing software systems of all types a few common mistakes regularly come up. These aren’t mistakes that lead directly to vulnerabilities, but mistakes in how some software companies think about security, that can lead to invalid assumptions, and ultimately which can allow real security...

Exploits: 0, References: 1