Lucene search
K

14 matches found

Microsoft Secure
Microsoft Secure
added 2026/06/04 7:14 p.m.11 views

Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us

In this article 1. Why the Taxonomy Needed Updating 2. Seven new failure modes 3. Operational findings: What red teaming showed 4. New mitigations 5. What to do this quarter When the Microsoft AI Red Team published the Taxonomy of Failure Modes in Agentic AI Systems in April 2025, the goal was a...

8.8CVSS7.2AI score0.08016EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2026/05/19 1:58 a.m.12 views

CVE-2026-8738

A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impacted is the function TradeOrderController.pay/TradePaymentController.pay/AccountGatewayComponent.pay of the file publiccms-trade/src/main/java/com/publiccms/controller/web/trade/TradeOrderController.java of the...

6.9CVSS5.3AI score0.00331EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2005-2828

Malware in sbrugna...

7.2CVSS6.4AI score0.02721EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/09/05 11:28 p.m.2 views

SUSE CVE-2025-9636

pgAdmin = 9.7 is affected by a Cross-Origin Opener Policy COOP vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation...

7.9CVSS6.9AI score0.00213EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.5 views

PT-2025-36007

Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 9.7 Description pgAdmin is susceptible to a Cross-Origin Opener Policy COOP issue. This allows manipulation of the OAuth flow, potentially resulting in unauthorized account access, account takeover, data breaches, and...

7.9CVSS5.9AI score0.00213EPSS
Exploits0References28
NVD
NVD
added 2023/01/21 2:15 a.m.24 views

CVE-2023-24040

dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...

7.1CVSS6.9AI score0.00454EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/01/21 12:0 a.m.35 views

CVE-2023-24040

dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat an invoked external command during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...

7.1AI score0.00454EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2021/02/05 12:0 a.m.6 views

The vulnerability of the eDocLib platform for storing and processing corporate data lies in the insufficient verification of input data. This allows a malicious actor to alter the execution sequence of programs and gain access to system reference materials without having the necessary access rights.

The vulnerability of the eDocLib platform for storing and processing corporate data is related to insufficient validation of input data. Users who do not have permission to access certain system reference guides including the access management reference guide may gain access to these guides throu...

6.3CVSS5.6AI score
Exploits0Affected Software1
OSV
OSV
added 2019/05/13 5:29 p.m.13 views

CVE-2019-10050

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...

7.5CVSS7AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2019/05/13 5:29 p.m.21 views

CVE-2019-10050

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...

7.5CVSS7.3AI score0.01455EPSS
Exploits0References3
Prion
Prion
added 2019/05/13 5:29 p.m.11 views

Buffer overflow

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...

5CVSS7.5AI score0.01455EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/05/13 4:18 p.m.40 views

CVE-2019-10050

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...

7.5CVSS7.6AI score0.01455EPSS
Exploits0
CNVD
CNVD
added 2018/09/05 12:0 a.m.6 views

Philips e-Alert Input Validation Vulnerability

Philips e-Alert is an electronic alert solution for MRI systems from Philips in the Netherlands, which is used to monitor and alert on MRI system performance. An input validation vulnerability exists in Philips e-Alert R2.1 and prior versions. An attacker could use this vulnerability to arbitrari...

9.8CVSS9.7AI score0.03834EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/18 12:0 a.m.3 views

Apple iOS Safari WebKit Security Bypass Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability exists in WebKit in Apple Safari used in Apple iOS, which can be exploited by attackers to perform man-in-the-middle attacks and obtain sensitive information through sniffing the...

6.4CVSS6.2AI score0.0194EPSS
Exploits0References1
Rows per page
Query Builder