Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2026/05/07 12:0 a.m.10 views

SkillScope: Toward Fine-Grained Least-Privilege Enforcement for Agent Skills

Agent Skills have become a practical way to extend LLM agents by packaging metadata, natural-language instructions, and executable resources into reusable capability bundles. However, this growing Skill ecosystem introduces a new compliance risk: a Skill may perform high-impact actions that excee...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2022/03/30 4:2 p.m.18 views

CVE-2021-39775

In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.7AI score0.00104EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/12 4:33 p.m.45 views

CVE-2020-17506

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php...

10AI score0.93967EPSS
Exploits7References3
CNVD
CNVD
added 2018/08/31 12:0 a.m.7 views

Google Android Information Disclosure Vulnerability (CNVD-2025-00305)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. There is a security vulnerability in Android. An attacker can use this vulnerability to bypass privilege detection with the help of WiFi broadcasting and disclose information abou...

7.5CVSS6.1AI score0.00987EPSS
Exploits5References1
CNVD
CNVD
added 2018/02/08 12:0 a.m.4 views

Atlassian Fisheye and Crucible Information Disclosure Vulnerability (CNVD-2018-05564)

Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A security vulnerability exists in the /rest/review-coverage-chart/1.0/data/.json resourc...

4.3CVSS7.1AI score0.00803EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/31 12:0 a.m.5 views

CloudBees GitHub Branch Source plugin enumeration vulnerability

CloudBees GitHub Branch Source plugin is the U.S. CloudBees company's Jenkins Java-based development of continuous integration tools in a GitHub branch plugin . The CloudBees GitHub Branch Source plugin suffers from an enumeration vulnerability that stems from the program failing to detect...

4.3CVSS4.9AI score0.00786EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2015/04/29 12:0 a.m.21 views

Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation

Title Ninja privilege escalation detection and prevention system race condition Author Ben 'highjack' Sheppard URL http://highjack.github.io/ Description There is a small delay between the time of execution of a command and the time privelege escalation is detected. It is therefore possible to us...

7.4AI score
Exploits0
Rows per page
Query Builder