Lucene search
K

14 matches found

Microsoft Secure
Microsoft Secure
added 2026/03/24 5:0 p.m.8 views

Governing AI agent behavior: Aligning user, developer, role, and organizational intent

AI agents increasingly perform tasks that involve reasoning, acting, and interacting with other systems. Building a trusted agent requires ensuring it operates within the correct boundaries and performs tasks consistent with its intended purpose. In practice, this requires aligning several layers...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/30 12:0 a.m.7 views

Unlocking User-Oriented Pages: Intention-Driven Black-Box Scanner for Real-World Web Applications

Black-box scanners have played a significant role in detecting vulnerabilities for web applications. A key focus in current black-box scanning is increasing test coverage i.e., accessing more web pages. However, since many web applications are user-oriented, some deep pages can only be accessed...

7.1AI score
Exploits0
CNVD
CNVD
added 2024/12/04 12:0 a.m.6 views

Mozilla Firefox Clickjacking Vulnerability (CNVD-2024-48569)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox is vulnerable to clickjacking. An attacker can exploit this vulnerability to confirm user intent via eavesdropping hijacking...

8.1CVSS7.8AI score0.00488EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/11/26 11:50 p.m.12 views

CVE-2024-11700

The Mozilla Foundation's Security Advisory: Malicious websites may be able to user intent confirmation through tapjacking. This could lead to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities...

5.4CVSS6.5AI score0.00488EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2024/11/26 2:15 p.m.13 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS7.6AI score0.00488EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/26 1:33 p.m.12 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

0.00488EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/26 12:0 a.m.12 views

Mozilla Firefox < 133.0

The version of Firefox installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

9.8CVSS7.5AI score0.00919EPSS
Exploits0References18
CNVD
CNVD
added 2017/08/03 12:0 a.m.6 views

Multiple Westermo Router Spoofing Vulnerabilities

The RD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. A spoofing vulnerability exists in multiple Westermo routers, where an attacker could potentially spoof a user into making a malicious request to a server because the program does not verify that the user intended to...

8.8CVSS8.7AI score0.00642EPSS
Exploits0References1
Drupal
Drupal
added 2014/06/11 12:0 a.m.12 views

SA-CONTRIB-2014-060- Petitions - Cross Site Request Forgery (CSRF)

This distribution enables you to build an application that lets users create and sign petitions. The contained whpetitions module doesn't sufficiently verify the intent of the user when signing a petition. A malicious user could trick another user into signing a petition they did not intend to si...

7AI score
Exploits0References12
ThreatPost
ThreatPost
added 2012/10/30 4:35 p.m.10 views

Calling Foul on the Political Football That is Do Not Track

It looks like it’s time for a do-over for DNT. The oft-maligned specification has become—like many other standards efforts before it—a political football. Parties with interests on both sides of the issue have their own agendas, cannot agree on semantics and ignore, in this case, what should be t...

6.7AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/01/15 12:0 a.m.24 views

TIMESINK Spyware Detection

The remote host is using the TIMESINK program. You should ensure that : - the user intended to install TIMESINK it is sometimes silently installed - the use of TIMESINK matches your corporate mandates and security policies. To remove this sort of software, you may wish to check out Ad-Aware or...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/01/15 12:0 a.m.20 views

IPINSIGHT Detection

The remote host is using the IPINSIGHT program. You should ensure that the user intended to install IPINSIGHT as it is sometimes silently installed. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid12015; scriptversion"1.16";...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/01/15 12:0 a.m.16 views

LOP.COM Detection

The remote host is using the LOP.COM program. You should ensure that: - the user intended to install LOP.COM it is sometimes silently installed - the use of LOP.COM matches your corporate mandates and security policies. To remove this sort of software, install software such as Ad-Aware or Spybot....

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/01/15 12:0 a.m.26 views

SaveNOW Detection

The remote host is using the SaveNOW program. You should ensure that: - the user intended to install SaveNOW it is sometimes silently installed - the use of SaveNOW matches your corporate mandates and security policies. To remove this sort of software, you may wish to check out ad-aware or spybot...

5.5AI score
Exploits0
Rows per page
Query Builder