Aggregator

结合自己发现和公开的案例来讲解这十大风险

第四届阿里CTF官方writeup

大模型的出现确实改变了我们获取信息的方式，无论是写代码还是日常办公，这些模型展现出的推理能力让人惊艳。但随着使用场景越来越广，大家发现了一个非常头疼的问题，那就是模型经常会一本正经地胡说八道。在技术圈，我们把这种现象称为幻觉。简单来说，就是模型生成的内容听起来逻辑通顺、语气笃定，但实际上内容却是凭空捏造的。

漏洞简介SandboxJS是一款用于安全执行不可信JavaScript代码的沙箱库。该库在0.8.26版本之前存在一个严重的设计缺陷，攻击者可利用该漏洞通过异步函数实例的.constructor属性获取原生的AsyncFunction构造函数，并借此创建在沙箱全局作用域下执行的函数，从而完全绕过所有沙箱限制，在主机环境中实现任意代码执行。和vm2差不多，被用于各种AI平台进行环境隔离漏洞影响评分：

A Taiwanese national was sentenced to 30 years in U.S. prison for his role as an administrator of Incognito Market, a popular dark web platform that facilitated more than $100 million of drug sales.

AI 安全护栏并非绝对安全，其本质仍是一个判别系统。在复杂真实场景中，攻击者可以通过构造特定输入或诱导输出，使模型行为偏离设计预期，从而形成潜在绕过风险。

TLDFinder: A streamlined tool for discovering private TLDs for security research

本文主要是讲 AI 时代下的红队安全工具的开发，以及如何把安全工具接到大语言模型里。涉及到 MCP 客户端的结合，分布式的 MSF 的命令的执行，如何独立的 session 管理，代码优化的思路及调试等内容。以红队安全工具开发的细节处理为初始点，让初学者也能玩转 MCP。

A vulnerability was found in node-tar up to 4.4.1. It has been declared as critical. Impacted is an unknown function of the component Tarball Handler. The manipulation results in link following. This vulnerability was named CVE-2018-20834. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Elegant Themes Bloom Plugin up to 1.1.0 on WordPress. The impacted element is an unknown function. Such manipulation leads to improper privilege management. This vulnerability is listed as CVE-2016-11003. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability has been found in WordPress Real Media Library Plugin up to 4.14.1 and classified as problematic. This affects an unknown part of the file ~/inc/overrides/lite/rest/Folder.php. The manipulation of the argument Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-34668. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.1. The affected element is the function wmi_evaluate_method. The manipulation results in memory leak. This vulnerability is reported as CVE-2022-50521. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.1. The impacted element is the function chameleon_parse_gdd. This manipulation causes improper update of reference count. This vulnerability appears as CVE-2022-50522. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.0.15/6.1.1. This impacts the function platform_get_resource of the component mediatek. The manipulation leads to unchecked return value. This vulnerability is listed as CVE-2022-50524. The attack must be carried out from within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.1. It has been classified as critical. This affects the function rockchip_clk_register_pll of the component clk. Performing a manipulation results in memory leak. This vulnerability was named CVE-2022-50523. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.0.18/6.1.4. Affected by this issue is the function amdgpu_bo_validate_size. This manipulation causes uninitialized pointer. This vulnerability is tracked as CVE-2022-50527. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.