24 matches found
SoK: The Pitfalls of Deep Reinforcement Learning for Cybersecurity
Deep Reinforcement Learning (DRL) has achieved remarkable success in domains requiring sequential decision-making, motivating its application to cybersecurity problems. However, transitioning DRL from laboratory simulations to bespoke cyber environments can introduce numerous issues. This is furthe...
EUVD-2025-36150
The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections...
EUVD-2011-4365
Malware in sbrugna...
EUVD-2013-5295
Malware in sbrugna...
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. "These security and privacy challenges include the potential for adversari...
Vulnerability of Windows operating system deployment services, allowing attackers to trigger service failures
The vulnerability of Windows operating system deployment services is related to improper resource cleaning. Exploiting this vulnerability can allow a remote attacker to cause service failures...
HCL Technologies BigFix OSD Encryption Issue Vulnerability
HCL Technologies BigFix OSD is part of a lifecycle management software from HCL Technologies, Inc. for operating system deployment. A security vulnerability exists in the HCL Technologies BigFix OSD that stems from the server using an insecure encryption algorithm...
HCL Technologies BigFix OSD Injection Vulnerability
HCL Technologies BigFix OSD is part of a lifecycle management software from HCL Technologies, Inc. for operating system deployment. A security vulnerability exists in HCL Technologies BigFix OSD Bare Metal Server version 311.12 and prior versions, which stems from the inclusion of a host header...
CVE-2020-5332
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. An authenticated malicious user with administrator privileges could potentially exploit this vulnerability to execute arbitrary commands on the system where the vulnerable application is deployed...
CVE-2013-5455
IBM SmartCloud Provisioning 2.1 before FP3 IF0001 allows remote authenticated users to modify virtual-system deployment via deployer.virtualsystems CLI commands, as demonstrated by a deletion using a deployer.virtualsystems.delete command...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4436
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
Design/Logic Flaw
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
Code injection
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
Default credentials
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext inside a PHP script, enabling context-dependent attackers to read sensitive data from script source. Several connected sources corroborate that this flaw can lead to privilege abuse and unauthorized ...
CVE-2011-4047
CVE-2011-4047 affects the Dell KACE K2000 System Deployment Appliance. The issue allows remote attackers to execute arbitrary commands by exploiting write access to the appliance’s database, enabling command execution on the target system. The vulnerability is tied to remote database access and i...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...