dectalk-tts is vulnerable to Cleartext Transmission of Sensitive Information ('Man-in-the-Middle'). The vulnerability is due to unencrypted HTTP traffic being sent to a third-party API. This ...
Continue ReadingApril 09, 2024
github.com/AlexxIT/go2rtc is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the /api/config endpoint which lacks validation for user-supplied input, allowing an attacker ...
Continue ReadingApril 09, 2024
github.com/canonical/pebble is vulnerable to a Arbitrary File Read. The vulnerability is due to the read-file API and the associated pebble pull command, allowing unprivileged local users to access fi ...
Continue ReadingApril 09, 2024
Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model ...
Continue ReadingApril 09, 2024
...Read More ...
Continue ReadingApril 08, 2024
Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model ...
Continue ReadingApril 08, 2024
An issue discovered in web-flash v3.0 allows attackers to reset passwords for arbitrary users via crafted POST request to...Read More ...
Continue ReadingApril 08, 2024
The digital landscape is continuously evolving, and with it, the strategies for safeguarding our applications against vulnerabilities. In a recent advisory, CISA & the FBI have highlighted the ...
Continue ReadingApril 08, 2024
Back to Main