6 matches found
Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers
When assessing the potential impact of code-level vulnerabilities, e.g., discovered by automated analyzers, it is essential to consider them in the context of the system's security design. However, this is a challenging task due to the abstraction gap between security design, often specified usin...
On the Dangers of Poisoned LLMs in Security Automation
This paper investigates some of the risks introduced by "LLM poisoning," the intentional or unintentional introduction of malicious or biased data during model training. We demonstrate how a seemingly improved LLM, fine-tuned on a limited dataset, can introduce significant bias, to the extent tha...
CVE-2024-58267 Rancher CLI SAML authentication is vulnerable to phishing attacks
A vulnerability has been identified within Rancher Manager whereby the SAML authentication from the Rancher CLI tool is vulnerable to phishing attacks. The custom authentication protocol for SAML-based providers can be abused to steal Rancher’s authentication tokens...
The vulnerability of the implementation of the Security Assertion Markup Language (SAML) in Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense allows a perpetrator to bypass the authentication process.
The vulnerability of the Security Assertion Markup Language SAML implementation in Cisco Adaptive Security Appliances and Cisco Firepower Threat Defense is related to authentication errors when using NT LAN Manager NTLM or basic authentication. Exploiting this vulnerability allows a malicious act...
CVE-2004-2236
Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting...
Exchange Core CHS Lang
...