Safety Alignment Can Be Not Superficial with Explicit Safety Signals

Recent studies on the safety alignment of large language models LLMs have revealed that existing approaches often operate superficially, leaving models vulnerable to various adversarial attacks. Despite their significance, these studies generally fail to offer actionable solutions beyond data...

DaaS - Change master image it fails with "ProvisioningTaskError"

Unable to update DaaS Machine Catalog - Access Machine Catalog "Change master image" it fails with "ProvisioningTaskError" ErrorMessage - HandleExplicitStorage Failed Error retrieving item from path ""...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the UCSI driver not waiting for all tasks to complete before partner removal...

kernel: sched/rt: Fix race in push_rt_task

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...

kernel: sched/rt: Fix race in push_rt_task

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Fix race in pushrttask Overview ======== When a CPU chooses to call pushrttask and picks a task to push to another CPU's runqueue then it will call findlocklowestrq method which would take a double lock on both CPUs'...

Updating MCS catalog fails with error FailedToUnregisterMasterImageFromMdm

Error updating an MCS catalog in Citrix DAAS Action Name: MCCreateMachineCatalogInitialzation Exception: StudioErrorId : ProvisioningTaskError ErrorCategory : NotSpecified TaskState : FailedToUnregisterMasterImageFromMdm TaskStateInformation : Terminated ErrorId :...

CVE-2025-1415

A low-privileged user is able to obtain information about tasks executed on devices controlled by Proget MDM Mobile Device Management, as well as details of the devices like their UUIDs needed for exploitation of CVE-2025-1416. In order to perform the attack, one has to know a taskid, but since...

CVE-2025-0218

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-creat...

CVE-2025-0464

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be...

CVE-2024-48706

Collabtive 3.1 is vulnerable to Cross-site scripting XSS via the title parameter with action=add or action=editform within the a managemessage.php file and b managetask.php file respectively...

CVE-2024-46081

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS. An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which is particularly dangerous because tasks are assigned to various users on the platform...

CVE-2024-8140

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file update-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack may be launched remotely. The...

CVE-2024-7792

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been classified as critical. Affected is an unknown function of the file /endpoint/delete-task.php. The manipulation of the argument task leads to sql injection. It is possible to launch the attack remotely. The exploit...

CVE-2024-7793

A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument taskname leads to cross site scripting. The attack can be...

CVE-2024-33247

Sourcecodester Employee Task Management System v1.0 is vulnerable to SQL Injection via admin-manage-user.php...

CVE-2024-28613

SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the taskid parameter of the task-details.php, and edit-task.php component...

CVE-2024-28557

SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php...

CVE-2024-3222

A vulnerability, which was classified as critical, has been found in SourceCodester PHP Task Management System 1.0. This issue affects some unknown processing of the file admin-password-change.php. The manipulation of the argument adminid leads to sql injection. The attack may be initiated...

CVE-2024-3224

A vulnerability has been found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file task-details.php. The manipulation of the argument taskid leads to sql injection. The attack can be launched remotely...

CVE-2024-3225

A vulnerability was found in SourceCodester PHP Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file edit-task.php. The manipulation of the argument taskid leads to sql injection. The attack may be launched remotely. The exploit h...