Lucene search
K

429 matches found

Spring Security Advisories
Spring Security Advisories
added 2024/09/26 12:0 a.m.16 views

AI Meets Spring Petclinic: Implementing an AI Assistant with Spring AI (Part I)

Introduction In this two-parts blog post, I will discuss the modifications I made to Spring Petclinic to incorporate an AI assistant that allows users to interact with the application using natural language. Introduction to Spring Petclinic Spring Petclinic serves as the primary reference...

6.4AI score
Exploits0
CNNVD
CNNVD
added 2024/06/27 12:0 a.m.3 views

lunary 访问控制错误漏洞

lunary is lunary open source a production toolkit for LLM . An access control error vulnerability exists in lunary that stems from improper access control and can be exploited by an attacker to change the name of an organization...

5.3CVSS6.8AI score0.00407EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.6 views

Lunary 安全漏洞

Lunary is lunary open source a production toolkit for LLM. Lunary has an authorization issue vulnerability that stems from the lack of proper authorization checks in the dataset deletion end node, which can be exploited by an attacker to delete any dataset...

7.5CVSS6.8AI score0.00484EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.7 views

ChuanhuChatGPT Path Traversal Vulnerability

ChuanhuChatGPT provides a fast and easy-to-use Web GUI for ChatGPT/ChatGLM/LLaMA/StableLM/MOSS and other LLMs. ChuanhuChatGPT suffers from a path traversal vulnerability that stems from the use of an outdated gradio component that is susceptible to path traversal attacks...

9.8CVSS6.8AI score0.03757EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.4 views

ChuanhuChatGPT Information Disclosure Vulnerability

ChuanhuChatGPT provides a fast and easy-to-use Web GUI for ChatGPT/ChatGLM/LLaMA/StableLM/MOSS and other LLMs. ChuanhuChatGPT suffers from an information disclosure vulnerability that stems from a timing attack vulnerability in the password comparison logic...

7.5CVSS6.4AI score0.01411EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.6 views

ChuanhuChatGPT Access Control Error Vulnerability

ChuanhuChatGPT is a lightweight and easy-to-use Web GUI for ChatGPT/ChatGLM/LLaMA/StableLM/MOSS and many other LLMs. ChuanhuChatGPT suffers from an access control error vulnerability that stems from an improper access control mechanism...

6.5CVSS6.8AI score0.00503EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/06/06 12:0 a.m.6 views

Number withdrawn

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

6.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.5 views

The vulnerability of Ollama’s system for running and managing large language models (LLMs) lies in its reliance on reverse DNS resolution for IP addresses. This allows attackers to perform DNS Rebinding attacks or cause service failures.

The vulnerability of Ollama’s system for running and managing large language models is related to the use of reverse DNS resolution for IP addresses. Exploiting this vulnerability could allow a remote attacker to perform a DNS Rebinding attack or cause a service failure...

10CVSS6.6AI score0.00334EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/05/22 12:0 a.m.6 views

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

6.8AI score
Exploits0References3
Akamai Blog
Akamai Blog
added 2024/04/24 1:0 p.m.3 views

Getting Started with LLMs: Managing Data Collection

...

7AI score
Exploits0
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.6 views

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

6.8AI score
Exploits0References4
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.5 views

编号撤回

Lunary is a production toolkit for LLMs from lunary open source. This CVE number has been withdrawn...

6.8AI score
Exploits0References3
The Hacker News
The Hacker News
added 2024/02/26 10:29 a.m.34 views

Three Tips to Protect Your Secrets from AI Accidents

Last year, the Open Worldwide Application Security Project OWASP published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models,...

8.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/25 1:54 p.m.18 views

AI likely to boost ransomware, warns government body

The British National Cyber Security Centre NCSC says it expects Artificial Intelligence AI to heighten the global ransomware threat. In a report, the NCSC makes the assessment that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years. We’re...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/07 12:8 p.m.23 views

How AI hallucinations are making bug hunting harder

Bug bounty programs that pay people for finding bugs are a very useful tool for improving the security of software. But with the availability of artificial intelligence AI as seen in the popular large language models LLMs like ChatGPT, Bard, and others it looks like there is a new problem on the...

7.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/12/15 12:1 p.m.12 views

A Robot the Size of the World

In 2016, I wrote about an Internet that affected the world in a direct, physical manner. It was connected to your smartphone. It had sensors like cameras and thermostats. It had actuators: Drones, autonomous cars. And it had smarts in the middle, using sensor data to figure out what to do and the...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/12/07 1:45 p.m.17 views

Is Web Scraping Illegal? Depends on Who You Ask

Web scraping has existed for a long time, and depending on who you ask, it can be loved or hated. But where is the line drawn between extracting data for legitimate business purposes and malicious data extraction that hurts business? The bar is getting blurrier by the day, and the introduction of...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/09 11:55 a.m.32 views

Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security

In today's rapidly evolving technological landscape, the integration of Artificial Intelligence AI and Large Language Models LLMs has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/09/08 11:5 a.m.28 views

LLMs and Tool Use

Last March, just two weeks after GPT-4 was released, researchers at Microsoft quietly announced a plan to compile millions of APIs--tools that can do everything from ordering a pizza to solving physics equations to controlling the TV in your living room--into a compendium that would be made...

6.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/06/26 4:0 p.m.12 views

Why endpoint management is key to securing an AI-powered future

The chief information security officer CISO agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integratin...

7.4AI score
Exploits0
Rows per page
Query Builder