Oct 29, 2024Ravie LakshmananAI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part … Read more
A thermostat that automatically calibrates to the perfect temperature, a wearable device that tracks employees’ health, and self-parking chairs to keep meeting rooms tidy. This is a glimpse into the future of work, where cutting-edge technology such as AI, IoT, and automation are transforming traditional offices into thriving hubs of innovation and connectivity. However, despite … Read more
DrayTek patched 14 vulnerabilities affecting 24 of its router models, including a maximum severity buffer overflow flaw that could lead to remote code execution (RCE) or denial-of-service (DoS). The two critical-, nine high- and three medium-severity DrayTek bugs were discovered by Forescout Research’s Vedere Labs and described in a report titled “DRAY:BREAK” published Thursday. Shodan … Read more
Four vulnerabilities in SAP, D-Link, DrayTek and Motion Spell products were added to the Known Exploited Vulnerabilities (KEV) catalog Monday by the Cybersecurity & Infrastructure Security Agency (CISA) The vulnerabilities, most of which are several years old, pose risks including privilege escalation and remote command execution. Due to targeting of these flaws by threat actors, … Read more
Veeam launched patches for 13 high-severity and 5 vital vulnerabilities, together with one flaw in Veeam Backup & Replication that would result in unauthenticated distant code execution (RCE). The September 2024 Veeam safety bulletin, final up to date Thursday, consists of bugs found in six Veeam merchandise, with CVSS scores starting from 7.3 to 9.9. … Read more
