Genesis: Evolving Attack Strategies for LLM Web Agent Red-Teaming

As large language model LLM agents increasingly automate complex web tasks, they boost productivity while simultaneously introducing new security risks. However, relevant studies on web agent attacks remain limited. Existing red-teaming approaches mainly rely on manually crafted attack strategies...

EUVD-2003-0931

Malware in sbrugna...

EUVD-2003-0932

Malware in sbrugna...

EUVD-2017-5880

Malware in sbrugna...

EUVD-2015-6789

Malware in sbrugna...

EUVD-2003-1485

Malware in sbrugna...

EUVD-2024-36103

Malicious code in bioql PyPI...

CVE-2003-0942

Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa...

CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser...

CVE-2024-36459 Cross-Site Scripting Vulnerability in Symantec SiteMinder Web Agent

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server. As a result, an attacker can execute arbitrary Javascript code in a client browser...

Broadcom Symantec SiteMinder Security Vulnerability

Broadcom Symantec SiteMinder is an identity provider and federation system from Broadcom, Inc. Provides access to web applications and portals. A security vulnerability exists in Broadcom Symantec SiteMinder Web Agent for IIS Web Server and SiteMinder Web Agent for Domino Web Server, which stems...

CVE-2015-7961

SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module...

RSA Authentication Agent for Web for Apache Installed

Binary data rsaauthenticationagentforwebapachedetect.nbin...

CA Single Sign-On non-Domino Web Proxy Denial of Service Vulnerability

CA Single Sign-On is a suite of software for secure access to Web applications via single sign-on from CA USA. A security vulnerability exists in CA Single Sign-On's Domino Web Agent. A remote attacker could exploit the vulnerability by sending a specially crafted request to cause a denial of...

Cross site request forgery (csrf)

The Domino web agent in CA Single Sign-On aka SSO, formerly SiteMinder R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service daemon crash or obtain sensitive information via a crafted...

CVE-2015-6853

The Domino web agent in CA Single Sign-On aka SSO, formerly SiteMinder R6, R12.0 before SP3 CR13, R12.0J before SP3 CR1.2, R12.5 before CR5, R12.51 before CR4, and R12.52 before SP1 CR3 allows remote attackers to cause a denial of service daemon crash or obtain sensitive information via a crafted...

CVE-2015-6853

Technical details about CVE-2015-6853 are not publicly provided in the supplied documents; sources largely reiterate the vulnerability exists and can cause DoS or information disclosure. Monitor for updates.

Code injection

EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector...

CVE-2015-6851

MODE C: CVE-2015-6851 affects EMC RSA SecurID Web Agent before 8.0. The vulnerability enables physically proximate attackers to bypass the privacy-screen by using an unattended workstation and running DOM Inspector. The available sources (NVD and CNVD variants) describe a local access path leadin...

EMC RSA SecurID Web Agent Local Authentication Bypass Vulnerability

EMC RSA SecurID Web Agent is a cross-platform, Web-based solution from EMC that intercepts remote user access or user group local requests and directs them to the RSA Authentication Management Server for authentication. A local authentication bypass vulnerability exists in EMC RSA SecurID Web Age...