19 matches found
UIXPOSE: Mobile Malware Detection Via Intention-Behaviour Discrepancy Analysis
We introduce UIXPOSE, a source-code-agnostic framework that operates on both compiled and open-source apps. This framework applies Intention Behaviour Alignment (IBA) to mobile malware analysis, aligning UI-inferred intent with runtime semantics. Previous work either infers intent statically, e.g.,...
EUVD-2021-1451
Malware in sbrugna...
EUVD-2018-13073
Malware in sbrugna...
VulStamp: Vulnerability Assessment Using Large Language Model
Although modern vulnerability detection tools enable developers to efficiently identify numerous security flaws, indiscriminate remediation efforts often lead to superfluous development expenses. This is particularly true given that a substantial portion of detected vulnerabilities either possess...
SoK: Machine Unlearning for Large Language Models
Large language model (LLM) unlearning has become a critical topic in machine learning, aiming to eliminate the influence of specific training data or knowledge without retraining the model from scratch. A variety of techniques have been proposed, including Gradient Ascent, model editing, and...
CVE-2018-20519
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajaxsavebasic pid parameter...
BIT-CONSUL-2021-36213
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...
Bond Redemption is lower than intended
Lines of code Vulnerability details Impact Bonds redemption does not correspond to protocol intention leading to lesser ETH redeemed Proof of Concept Once the bond reaches maturity and the user initiates the redemption process by calling "redeem," it's possible for the user to receive a gain that...
GHSA-8H2G-R292-J8XH HashiCorp Consul L7 deny intention results in an allow action
In HashiCorp Consul before 1.10.1 and Consul Enterprise, xds can generate a situation where a single L7 deny intention with a default deny policy results in an allow action...
HashiCorp Consul L7 deny intention results in an allow action
In HashiCorp Consul before 1.10.1 and Consul Enterprise, xds can generate a situation where a single L7 deny intention with a default deny policy results in an allow action...
CVE-2021-36213
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...
Design/Logic Flaw
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...
CVE-2021-36213
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...
CVE-2021-36213
HashiCorp Consul and Consul Enterprise versions 1.9.0–1.10.0 are affected by CVE-2021-36213, where a single L7 application-aware deny action under a default-deny policy can cancel the intention and incorrectly allow L4 traffic. The issue is fixed in Consul/Consul Enterprise 1.9.8 and 1.10.1 (upst...
CVE-2021-36213
HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action cancels out, causing the intention to incorrectly fail open, allowing L4 traffic. Fixed in 1.9.8 and 1.10.1...
Taking Action This Earth Month
By: Akamai Earth Month Guest Blog by Kenda Carlson, Senior Manager, WeSpire There's a fascinating human phenomenon often studied in the behavioral science field called the intention-action gap. It's when you have every intention of doing something, but it just doesn't happen. It's when you say yo...
Taking Action This Earth Month
There's a fascinating human phenomenon often studied in the behavioral science field called the intention-action gap...
Code injection
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajaxsavebasic pid parameter...
Tizen Studio 1.3 Smart Development Bridge Buffer Overflow
Exploit Title: Smart Development Bridge =2.3.2 part of Tizen Studio 1.3 Windows x86/x64 - Buffer Overflow PoC Date: 22.10.17 Exploit Author: Marcin Kopec Vendor Homepage: https://developer.tizen.org/ Software Link: https://developer.tizen.org/development/tizen-studio/download Version: 2.3.0, 2.3....