72 matches found
CVE-2023-28380
CVE-2023-28380 : Intel® AI Hackathon software prior to version 2.0.0 contains an unsafe/uncontrolled search path that could allow an unauthenticated attacker to escalate privileges over the network. Affected product: Intel AI Hackathon software before 2.0.0. Root cause: uncontrolled search path i...
CVE-2023-28380
Uncontrolled search path for the IntelR AI Hackathon software before version 2.0.0 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
Intel AI Hackathon Code Issues Vulnerabilities
Intel AI Hackathon is the AI Hackathon repository from Intel Corporation USA, which contains notebooks and tutorials referenced at Intel AI Hackathon events. A security vulnerability exists in versions prior to Intel AI Hackathon 2.0.0. An attacker exploiting the vulnerability could elevate...
PT-2023-4391 · Intel · Intel(R) Ai Hackathon
Name of the Vulnerable Software and Affected Versions: IntelR AI Hackathon software versions prior to 2.0.0 Description: The issue is related to an uncontrolled search path in the IntelR AI Hackathon software, which may allow an unauthenticated user to potentially enable escalation of privilege v...
Intel® AI Hackathon Software Advisory
Summary: A potential security vulnerability in the Intel® AI Hackathon software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-28380 Description: Uncontrolled search path for the IntelR AI...
Mitigate risk by integrating threat modeling and DevOps processes
Agile and DevOps are without any doubt two of the biggest security trends of recent years. The rapid rise of the cloud has only fueled the need for flexibility and dynamicity. Therefore, it’s natural for developers and organizations to seek methodologies and tools for addressing new requirements...
Mitigate risk by integrating threat modeling and DevOps processes
Agile and DevOps are without any doubt two of the biggest security trends of recent years. The rapid rise of the cloud has only fueled the need for flexibility and dynamicity. Therefore, it’s natural for developers and organizations to seek methodologies and tools for addressing new requirements...
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests...
MSTICPy January 2022 hackathon highlights
During the month of January 2022, the Microsoft Threat Intelligence Center MSTIC ran its inaugural hackathon for the open-source Jupyter and Python Security Tools library, MSTICPy. We asked the security community for their contributions to expand and improve MSTICPy’s features and capabilities, a...
MSTICPy January 2022 hackathon highlights
During the month of January 2022, the Microsoft Threat Intelligence Center MSTIC ran its inaugural hackathon for the open-source Jupyter and Python Security Tools library, MSTICPy. We asked the security community for their contributions to expand and improve MSTICPy’s features and capabilities, a...
[The Lost Bots] Bonus Episode: Velociraptor Contributor Competition
!\The Lost Bots\ Bonus Episode: Velociraptor Contributor Competitionhttps://blog.rapid7.com/content/images/2021/08/-The-Lost-Bots--Episode-1--External-Threat-Intelligence.jpeg Welcome back for a special bonus edition of The Lost Bots, a vlog series where Rapid7 Detection and Response Practice...
abracadabra (>=0.0.0 <=0.0.5), adversarial-labeller (=0.1.8) +210 more potentially affected by CVE-2021-23980 via bleach (>=1.2.2 <=3.2.3)
bleach PYPI version =1.2.2, =0.0.0, =1.0.0, =0.0.1, =1.10.0, =0.1.0, =0.0.6, =0.3.0, =0.0.9, =0.3.4, =0.0.5, =0.1.0rc1, =0.1.3, =1.0.0 and more Source cves: CVE-2021-23980 Source advisory: OSV:PYSEC-2021-865...
Virtual Hackathon Generates Next Generation of Imperva Innovation
“How do we run a global hackathon amid a global pandemic?” That was my first thought when I began planning the 2020 Imperva Hackathon earlier this year. While the event is designed to foster innovation and uncover new ideas, in a global company like ours it’s also about making new friends and...
Partnering with Microsoft on Hackathon 2020 and Saving the Planet
During the week of July 27, thousands of participants from around the globe participated in the Microsoft 2020 Hackathon. In its seventh year -- and this year, fully virtual -- the annual worldwide event brings Microsoft employees and interns together to drum up new ideas, create change, and make...
Pwn20wn hackathon to be held online in November 2020
By Zara Khan Similar to their spring event, the PWN20wn hackathon is happening virtually in November 2020. This is a post from HackRead.com Read the original post: Pwn20wn hackathon to be held online in November 2020...
WhatTheHack - A Collection Of Challenge Based Hack-A-Thons Including Student Guide, Proctor Guide, Lecture Presentations, Sample/Instructional Code And Templates
WhatTheHack is a collection of challenge based hack-a-thons including student guide, proctor guide, lecture presentations, sample/instructional code and templates. What, Why and How "What the Hack" is a challenge based hackathon format Challenges describe high-level tasks and goals to be...
2019 Hackathon Challenges Imperva to Solve Problems Together
The smell of pizza –150 boxes to be exact – filled our global offices last week as more than 220 Impervians technical and non-technical rolled up their sleeves to participate in Imperva’s annual company-wide hackathon. As chair of the event this year, I was determined to host a hackathon that...
HackerOne: IDOR in Bugs overview enables attacker to determine the date range a hackathon was active
A minor Insecure Direct Object Reference IDOR vulnerability is present in the /bugs endpoint. One of the Bugs overview filters enables a program member to filter by Hackathon that their program was a part of. This filter is applied when hackathon IDs are provided in the hackathons parameter, like...
Announcing the Microsoft Graph Security Hackathon winners
Bringing together information from multiple disconnected security systems to solve today’s security challenges is complex. We recently asked Microsoft Graph Security Hackathon participants to come up with innovative solutions using the Microsoft Graph Security API, and they did not disappoint. We...
Hackathon is over: Here are our winners!
A few weeks ago Wallarm has launched a hackathon to create a machine learning / AI model to detect attacks among normal web requests. The competition was run on Kaggle as InClass. In this competition, Kagglers were asked to develop models that identify injections among neutral input vectors using...