CVE-2020-26292

Creeper is an experimental dynamic, interpreted language. The binary release of Creeper Interpreter 1.1.3 contains potential malware. The compromised binary release was available for a few hours between December 26, 2020 at 3:22 PM EST to December 26, 2020 at 11:00 PM EST. If you used the source...

CVE-2020-10105

An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an attacker to formulate more precise attacks. Source code was disclosed for the file 404.html...

CVE-2018-16060

Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information directory listing and source code via a direct request to the /web URI...

CVE-2019-14312

Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI...

CVE-2019-10943

A vulnerability has been identified in SIMATIC Drive Controller family All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V20.8, SIMATIC S7-1200 CPU family incl. SIPL...

CVE-2019-13534

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN Version A, Firmware A.03.09, Part : M8096-67501, WLAN Version B, Firmware A.01.09, Part : N/A Replaced by Version C and WLAN Version B, Firmware A.01.09, Part : N/A Replaced by Version C. The product...

CVE-2019-14486

GnuCOBOL 2.2 has a buffer overflow in cbevaluateexpr in cobc/field.c via crafted COBOL source code...

CVE-2019-14541

GnuCOBOL 2.2 has a stack-based buffer overflow in cbencodeprogramid in cobc/typeck.c via crafted COBOL source code...

CVE-2019-14663

Brandy 1.20.1 has a stack-based buffer overflow in fileioopenin in fileio.c via crafted BASIC source code...

CVE-2019-10849

Computrols CBAS 18.0.0 allows unprotected Subversion SVN directory / source code disclosure...

CVE-2017-17463

Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and pskwepkey fields...

CVE-2019-15653

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. The HTML source code of the login page contains values that allow obtaining the username and password. The username are password values are a double md5 of the plaintext real...

CVE-2011-3694

The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...

CVE-2019-14528

GnuCOBOL 2.2 has a heap-based buffer overflow in readliteral in cobc/scanner.l via crafted COBOL source code...

CVE-2019-14468

GnuCOBOL 2.2 has a buffer overflow in cbpushop in cobc/field.c via crafted COBOL source code...

CVE-2011-3502

The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing 1 space or 2 %2e encoded dot...

CVE-2019-10028

Denial of Service DOS in Dial Reference Source Code Used before June 18th, 2019...

CVE-2017-9557

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response...

GRAudit Grep Auditing Tool 3.9

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very...

CAIN: Hijacking LLM-Humans Conversations Via a Two-Stage Malicious System Prompt Generation and Refining Framework

Large language models LLMs have advanced many applications, but are also known to be vulnerable to adversarial attacks. In this work, we introduce a novel security threat: hijacking AI-human conversations by manipulating LLMs' system prompts to produce malicious answers only to specific targeted...