14 matches found
thesis-exploits-pocs
Exploits studied in my Thesis "From Vulnerability Disclosu...
OneShield -- the Next Generation of LLM Guardrails
The rise of Large Language Models has created a general excitement about the great potential for a myriad of applications. While LLMs offer many possibilities, questions about safety, privacy, and ethics have emerged, and all the key actors are working to address these issues with protective...
GHSA-4J66-8F4R-3PJX
creationtimestamp| type| source ---|---|--- 2025-07-24 05:10:24+00:00| seen| https://bsky.app/profile/azu.bsky.social/post/3luorfvupsb2w...
CVE-2025-27452
The configuration of the Apache httpd webserver which serves the MEAC300-FNADE4 web application, is partly insecure. There are modules activated that are not required for the operation of the FNADE4 web application. The functionality of the some modules pose a risk to the webserver which enable...
NCSC Guidance on “Advanced Cryptography”
The UK's National Cyber Security Centre just released its white paper on "Advanced Cryptography," which it defines as "cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography." It includes things like...
Risk Fact #1: Cloud Migration Exploitation Cloud Security Research Risk Fact
Qualys Blog Series – 2023 TotalCloud Security Insights by the Threat Research Unit The 2023 TotalCloud Security Insights report from the Qualys Threat Research Unit TRU provides research insights, best practices, and detailed recommendations organized by five separate Risk Facts. The insights wil...
Ensuring security of your Microsoft Teams apps with Microsoft Cloud App Security
Apps in Microsoft Teams allow you to leverage additional capabilities, enhance your experience, and make Teams work for you by adding your favorite Microsoft and third-party services. Today, hundreds of ecosystem apps provide a great way to enhance and customize Teams, but to enable applications...
Java 7u21 Released with Code-Signing Restrictions, Warnings
The latest Java update released Tuesday includes new prompts warning users of potentially malicious applets, in addition to patches for 42 vulnerabilities, all but three of which are remotely exploitable. Java 7 update 21 is part of Oracle’s scheduled Critical Patch Updates for the program and...
Microsoft Vulnerability in Bluetooth Stack Could Allow Remote Code Execution
Microsoft Vulnerability in Bluetooth Stack Could Allow Remote Code Execution The single Critical vulnerability in today's batch of security updates addresses an issue in the Bluetooth stack. Your workstations' risk to this vulnerability varies, depending on a number of factors. I'd like to use th...
Solaris 7 (x86) : 110647-06
SunOS 5.7x86: /usr/sbin/in.ftpd Patch. Date this patch was last updated by Sun : Dec/20/04 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...
News Server (NNTP) Information Disclosure
By probing the remote NNTP server, Nessus is able to collect information about it, such as whether it allows remote connections, the number of newsgroups, etc. C Tenable Network Security, Inc. NNTP protocol is defined by RFC 977 NNTP message format is defined by RFC 1036 obsoletes 850; see also R...
Security Bulletin MS02-012
---------------------------------------------------------------------- Title: Malformed Data Transfer Request can Cause Windows SMTP Service to Fail Date: 27 February 2002 Software: Microsoft Windows 2000; Microsoft Windows XP Professional Microsoft Exchange 2000 Impact: Denial of Service Max...
CVE-2022-43813
...
CVE-2022-46620
...