Failures Database
This database contains reports analyzing software failures from the news. Currently, it contains failures from 2010 to 2022. This database was created through the FAIL (Failure Analysis Investigation with LLM) project. FAIL leverages Large Language Models (LLMs) to collect and analyze software failures reported in the news. Our work has been presented in the paper titled "FAIL: Analyzing Software Failures from the News Using LLMs." Contributing members include Dharun Anandayuvaraj, Matthew Campbell, Tanmay Singla, Parth Patil, Arav Tewari, and James C. Davis from Purdue University.
| Title | Published Date | System | Number of Articles | Actions |
|---|---|---|---|---|
| iOS VPN Bypass Vulnerability in Apple Devices. | 2022-08-19 | 1. iOS VPN functionality on Apple's iOS devices, specifically versions starting from at least iOS 13.3.1 [131224] 2. ProtonVPN's app on iOS devices [131224] 3. Kill Switch function in ProtonVPN [131224] 4. Airplane Mode functionality on iOS devices [131224] 5. OVPN app running the WireGuard protocol on iOS devices [131224] | 1 | View Details |
| Security Vulnerabilities Discovered in Google Pixel 6 Firmware. | 2022-08-10 | 1. Boot loader in Pixel 6 firmware [131216] 2. Titan M2 security chip in Pixel 6 [131216] | 1 | View Details |
| Zoom's Automatic Update Feature Vulnerabilities Lead to Total Control | 2022-08-12 | 1. Zoom's automatic update feature validation checks for updates [131219, 132593] 2. Cryptographic signature check in Zoom's automatic update feature [131219, 132593] 3. Zoom's updater.app tool for update distribution [131219, 132593] 4. Zoom's installer allowing injection of malicious software during the update process [131219] | 2 | View Details |
| VistA Encryption Vulnerability in U.S. Department of Veterans Affairs | 2022-08-13 | 1. VistA (Veterans Information Systems and Technology Architecture) - the electronic medical records platform used by the U.S. Department of Veterans Affairs [131215]. | 1 | View Details |
| Twitter's Security Vulnerabilities and Privacy Failures Leading to National Security Risks | 2022-08-23 | 1. Twitter's security practices and architecture [131222, 130996] 2. Twitter's data center servers with outdated software and lacking encryption [131222, 130996] 3. Lack of comprehensive development or testing environments for new features and system upgrades at Twitter [131222] 4. Twitter's handling of user data, including not deleting data of users who leave the platform as required [130996] 5. Twitter's misleading information about spam accounts and security vulnerabilities [130996] 6. Twitter's potential vulnerability to foreign exploitation and presence of foreign spies on its payroll [130996] 7. Twitter's violations of commitments to the FTC regarding user data handling and cybersecurity practices [130996] | 2 | View Details |
| Tractor Hacking Incident at DefCon 2022: Security Vulnerabilities Exposed | 2022-08-13 | 1. John Deere tractor control touchscreen consoles, including models 2630 and 4240, failed due to vulnerabilities exploited by Sick Codes [131208]. | 1 | View Details |
| Vulnerabilities in Emergency Alert System Software Allow Fake Messages Broadcasting | 2022-08-03 | 1. Emergency Alert System (EAS) devices running unpatched and unsecured software [131240] | 1 | View Details |
| Decentralized Robbery: Nomad's Bridge Exploit Results in $190M Loss | 2022-08-02 | 1. Nomad's bridge smart contract system [131333] | 1 | View Details |
| Insecure Development Practices Lead to Data Leaks in Mobile Apps | 2022-09-01 | 1. Mobile app cloud infrastructure 2. Hard-coded authentication credentials 3. Amazon Web Services credentials 4. Third-party AI digital identity software development kit | 1 | View Details |
| Tesla Autopilot Confusion with Horse-Drawn Carriage Incident. | 2022-08-18 | 1. Tesla's self-driving system [131017] | 1 | View Details |