aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6636 items

CVE-2021-20289: A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are retu

mediumvulnerability
security
Mar 26, 2021
CVE-2021-20289

CVE-2021-20289 is a flaw in RESTEasy (a framework for building web services) versions up to 4.6.0.Final where error messages expose sensitive information about the internal code. When RESTEasy cannot process certain parts of a request, it returns the class and method names of the endpoint in its error response, which could leak details about how the application is structured (CWE-209, generation of error messages containing sensitive information).

NVD/CVE Database

Broken NFT standards

infonews
security
Mar 19, 2021

NFT standards like EIP 721 and EIP 1152 have a critical flaw: they don't require a cryptographic hash (a unique digital fingerprint) linking the actual content to the blockchain entry, so the blockchain only proves you own a token ID, not the actual digital asset it claims to represent. This means metadata files and images can be stored centrally (for example, on Amazon S3), modified by anyone with access, or disappear entirely, leaving you unable to prove ownership of the original content even if you have a local copy.

CVE-2021-28796: Increments Qiita::Markdown before 0.33.0 allows XSS in transformers.

mediumvulnerability
security
Mar 18, 2021
CVE-2021-28796

Increments Qiita::Markdown before version 0.33.0 contains an XSS vulnerability (cross-site scripting, where attackers can inject malicious code into web pages) in its transformers component. The vulnerability is classified as CWE-79 (improper neutralization of input during web page generation).

CVE-2020-5016: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the sys

mediumvulnerability
security
Mar 10, 2021
CVE-2020-5016

IBM WebSphere Application Server versions 7.0, 8.0, 8.5, and 9.0 contain a path traversal vulnerability (CWE-22, a type of security flaw where an attacker can access files outside the intended directory) that allows remote attackers to view arbitrary XML files when application security is disabled and JAX-RPC applications are present. An attacker exploits this by sending specially-crafted URLs with "dot dot" sequences (/../) to navigate the file system, though the vulnerability does not occur if application security is enabled.

Hong Kong InfoSec Summit 2021 Talk - The adversary will come to your house!

infonews
security
Mar 3, 2021

A speaker announced they would present at the Hong Kong Information Security Summit 2021 on March 9th, sharing insights on protecting modern remote workplaces from a red teaming perspective (the practice of simulating attacks to test security defenses). The talk, titled 'Red Team Strategies for Helping Protect the Modern Workplace,' focuses on security strategies relevant to distributed work environments.

An alternative perspective on the death of manual red teaming

infonews
securitysafety

Cybersecurity Attacks - Red Team Strategies Kindle Edition for free

infonews
security
Feb 4, 2021

This is a disclaimer page for educational material about red team strategies (methods used by authorized security testers to find vulnerabilities by simulating attacks). The content emphasizes that penetration testing (authorized attempts to break into systems to find security weaknesses) must have proper permission before being performed.

CVE-2021-25758: In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to loca

highvulnerability
security
Feb 3, 2021
CVE-2021-25758

CVE-2021-25758 is a vulnerability in JetBrains IntelliJ IDEA versions before 2020.3 where insecure deserialization (converting data back into executable code without proper validation) of the workspace model could allow an attacker to run code locally on an affected system. The vulnerability has a CVSS 4.0 severity rating (a moderate security threat).

Team A and Team B: Sunburst, Teardrop and Raindrop

infonews
security
Feb 2, 2021

Microsoft analyzed the Sunburst attack (a major 2020 breach targeting SolarWinds software) and found that attackers used Cobalt Strike (a tool for command and control, letting attackers remotely direct compromised systems) alongside custom modifications to hide their backdoors in software. The attackers made each compromised system unique with different names and folder locations to avoid detection.

CVE-2021-21266: openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB before versions 2.

mediumvulnerability
security
Feb 1, 2021
CVE-2021-21266

openHAB, a home automation software, had a vulnerability in versions before 2.5.12 and 3.0.1 that allowed attackers on the same network to read files from the system using XXE attacks (XML external entity attacks, which trick an XML parser into loading external files or data). Multiple add-ons that process XML data from other devices were vulnerable to this flaw.

Survivorship Bias and Red Teaming

infonews
securityresearch

CVE-2020-14756: Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versio

criticalvulnerability
security
Jan 20, 2021
CVE-2020-14756EPSS: 88.8%

A critical vulnerability (CVE-2020-14756) exists in Oracle Coherence, a data management product, that allows attackers to take over the system without needing to log in. The flaw affects multiple versions of the software and can be exploited remotely through IIOP and T3 network protocols, with a severity rating of 9.8 out of 10 (CVSS score, which measures how dangerous a security flaw is).

Gamifying Security with Red Team Scores

infonews
security
Jan 11, 2021

This article describes a method for creating security scores that compare different teams or services based on their security issues, helping organizations identify which areas need the most attention. The scoring system uses a multiplier (a scaling factor that makes severe issues count for much more than minor ones) to weight critical bugs more heavily than lower-severity ones, then sums these weighted values into a single score that can be displayed on a dashboard. By showing these scores to management, teams can have discussions about why some services have worse scores than others, which encourages improvements in security practices.

CVE-2020-17500: Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of

criticalvulnerability
security
Jan 7, 2021
CVE-2020-17500

Barco TransForm NDN-210 and NDN-211 devices before version 3.8 have a command injection vulnerability (a flaw that lets attackers run unauthorized commands) in their web login page that allows unauthenticated remote code execution (an attacker can run commands on the device without logging in) through the username and password fields. The vulnerability affects multiple device models across the Barco TransForm N solution.

CVE-2020-35370: A RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated unauthorized attacker sending a specifically cra

highvulnerability
security
Dec 23, 2020
CVE-2020-35370

CVE-2020-35370 is a remote code execution vulnerability (the ability to run commands on a server without owning it) in Raysync versions before 3.3.3.8 that allows an attacker without authentication (login credentials) to send a specially crafted request that overwrites a file on the server with malicious code, then log in as the admin user and modify shell files to gain control of the hosting server.

CVE-2020-26270: In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length

mediumvulnerability
security
Dec 10, 2020
CVE-2020-26270

CVE-2020-26270 is a vulnerability in TensorFlow where LSTM/GRU models (types of neural network layers used for processing sequences) crash when they receive input with zero length on NVIDIA GPU systems, causing a denial of service (making the system unavailable). This happens because the system fails input validation (checking whether data is acceptable before processing it).

CVE-2020-26269: In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing

highvulnerability
security
Dec 10, 2020
CVE-2020-26269

TensorFlow's release candidate versions 2.4.0rc* contain a vulnerability in the code that matches filesystem paths to globbing patterns (a method of searching for files using wildcards), which can cause the program to read memory outside the bounds of an array holding directory information. The vulnerability stems from missing checks on assumptions made by the parallel implementation, but this issue only affects the development version and release candidates, not the final release.

CVE-2020-26268: In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memo

mediumvulnerability
security
Dec 10, 2020
CVE-2020-26268

A bug in TensorFlow's tf.raw_ops.ImmutableConst operation (a function that creates fixed tensors from memory-mapped files) causes the Python interpreter to crash when the tensor type is not an integer type, because the code tries to write to memory that should be read-only. This crash happens when the file is large enough to contain the tensor data, resulting in a segmentation fault (a critical memory access error).

CVE-2020-26267: In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_form

mediumvulnerability
security
Dec 10, 2020
CVE-2020-26267

CVE-2020-26267 is a vulnerability in TensorFlow where the tf.raw_ops.DataFormatVecPermute API (a function for converting data format layout) fails to check the src_format and dst_format inputs, leading to uninitialized memory accesses (using memory that hasn't been set to a known value), out-of-bounds reads (accessing data outside intended boundaries), and potential crashes. The vulnerability was patched across multiple TensorFlow versions.

CVE-2020-26266: In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code

mediumvulnerability
security
Dec 10, 2020
CVE-2020-26266

CVE-2020-26266 is a vulnerability in TensorFlow where saved models can accidentally use uninitialized values (memory locations that haven't been set to a starting value) during execution because certain floating point data types weren't properly initialized in the Eigen library (a math processing component). This is a use of uninitialized resource (CWE-908) type bug that could lead to unpredictable behavior when running affected models.

Previous317 / 332Next
Embrace The Red

Fix: Update to Qiita::Markdown version 0.33.0 or later. Details of the fix are available in the patch release notes at https://github.com/increments/qiita-markdown/compare/v0.32.0...v0.33.0.

NVD/CVE Database
NVD/CVE Database
Embrace The Red
Feb 8, 2021

This article argues against the idea that manual red teaming (the practice of simulating attacks to find security weaknesses) is dying due to automation. The author contends that red teaming is fundamentally about discovering unknown vulnerabilities and exploring creative attack strategies rather than just exploiting known bugs, and therefore cannot be fully automated even though adversaries will continue using AI and automation tools to scale their operations.

Embrace The Red
Embrace The Red
NVD/CVE Database
Embrace The Red

Fix: The vulnerabilities have been fixed in versions 2.5.12 and 3.0.1 by a more strict configuration of the used XML parser.

NVD/CVE Database
Jan 22, 2021

Survivorship bias is the logical error of focusing only on successes while ignoring failures, which can lead to incomplete understanding. The article applies this concept to red teaming (security testing where a team acts as attackers to find vulnerabilities) by noting that the MITRE ATT&CK framework (a database of known adversary tactics and techniques) only covers publicly disclosed threats, potentially causing security teams to overlook attack methods that haven't been publicly documented or aren't in the framework.

Embrace The Red
NVD/CVE Database
Embrace The Red

Fix: Update to TransForm N version 3.8 or later, which includes the patch for this issue.

NVD/CVE Database
NVD/CVE Database

Fix: This is fixed in TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. Users should update to one of these patched versions.

NVD/CVE Database

Fix: This is patched in version 2.4.0. The implementation was completely rewritten to fully specify and validate the preconditions.

NVD/CVE Database

Fix: This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

NVD/CVE Database

Fix: This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

NVD/CVE Database

Fix: This vulnerability is fixed in TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. Users should update to one of these patched versions.

NVD/CVE Database