Flaws

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks – Go Health Pro

by
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks – Go Health Pro

Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of … Read more

Ubuntu affected by 10-year-old flaws in needrestart package – Go Health Pro

by
Ubuntu affected by 10-year-old flaws in needrestart package – Go Health Pro

Ubuntu users are urged to install updates to patch flaws in the needrestart utility package that could enable local users to escalate their privileges to root without user interaction. The five vulnerabilities were discovered by the Qualys Threat Research Unit (TRU), which first published details about the flaws on Tuesday. The affected utility, needrestart, is … Read more

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration – Go Health Pro

by
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration – Go Health Pro

Nov 12, 2024Ravie LakshmananVirtualization / Vulnerability Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and … Read more

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning – Go Health Pro

by
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning – Go Health Pro

Nov 04, 2024Ravie LakshmananVulnerability / Cyber Threat Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. “Collectively, the vulnerabilities could allow an attacker to carry out a wide-range of malicious actions … Read more

AI bug bounty program yields 34 flaws in open-source tools – Go Health Pro

by
AI bug bounty program yields 34 flaws in open-source tools – Go Health Pro

Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of Protect AI’s huntr bug bounty program. The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit and one in a graphical user interface (GUI) for ChatGPT called Chuanhu Chat. The October vulnerability report also … Read more

x