Realised last night that JavaScript Database (JSDB) doesn’t run the constructor on persisted custom objects (https://codeberg.org/small-tech/jsdb#custom-data-types) when deserialising them because I didn’t know that you apparently have to define your constructor manually when using Object.create().

Will fix it today but it’s something to watch out for if you’re using Object.create() directly.

For more info, see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/create

#JSDB #customObjects #constructor #bug #JavaScript #NodeJS #SmallTech #SmallWeb

jsdb

A zero-dependency, transparent, in-memory, streaming write-on-update JavaScript database for the Small Web that persists to a JavaScript transaction log.

^Codeberg.org

@gnome Bug report:

OS: Fedora Linux 40.20240424.0 (Silverblue) x86_64
DE: GNOME 46.1 (Wayland)

Vivaldi Open dialogue after clicking Choose file on a file input: flickering tooltip.

CC @Vivaldi

#bug #flickeringTooltip #vivaldi #gnome

@Vivaldi Bug report:

- OS: Fedora Linux 40.20240424.0 (Silverblue) x86_64
- DE: GNOME 46.1 (Wayland)

After signing in after sleep, Vivaldi renders at @1x even though my screen is set to @2x.

(Moving the window around or resizing it, etc., re-renders it at the correct resolution.)

#vivaldi #gnome #fedora #fedora40 #resolution #scale #bug #bugReport

There’s a long-standing bug in Fedora (also in Fedora 40), where the sign-in screen is displayed at the wrong resolution (it doesn’t use the settings you have set in the Settings app).

So, for example, if you have 4K@2x set in your settings for your monitor, the sign-in screen will still display at a tiny 4K@1x.

To fix, download an app called GDM Settings from the Software app and press Display → Apply current display settings → Apply.

#Fedora40 #Fedora #GDM #GNOME #bug #resolution #signIn

#CVE-2024-20356: #Jailbreaking a #Cisco appliance to run #DOOM

In this adventure, the Cisco #C195 device family was jailbroken in order to run unintended code. This includes the discovery of a vulnerability in the #CIMC body management controller which affects a range of different devices, whereby an authenticated high privilege user can obtain underlying root access to the server’s #BMC (CVE-2024-20356) which in itself has high-level access to various other components in the system. The end goal was to run DOOM – if a smart fridge can do it, why not Cisco?

source: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/

#software #security #bug #network #game #news #vulnerability #exploit #hack #hacker

CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM - LRQA Nettitude Labs

Exploiting remote code execution in Cisco's CIMC management system and jailbreaking the device to run untrusted code

^{Aaron Thacker (LRQA Nettitude Labs)}

#LLM Agents can Autonomously #Exploit One-day Vulnerabilities

Source: https://arxiv.org/abs/2404.08144

To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the #CVE description. When given the CVE description, GPT-4 is capable of exploiting 87% of these vulnerabilities compared to 0% for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and #Metasploit).

#ai #technology #Software #chatgpt #bug #hack #news #cybersecurity

LLM Agents can Autonomously Exploit One-day Vulnerabilities

LLMs have becoming increasingly powerful, both in their benign and malicious uses. With the increase in capabilities, researchers have been increasingly interested in their ability to exploit cybersecurity vulnerabilities.

^arXiv.org