7047 matches found
How to Build a Cybersecurity Culture in Your Company
Decoding the Essential Components of Cyber Safeguard Culture In today's era, marked by copious dependencies on digital technologies, strengthening defenses against digital security vulnerabilities has become more than just a choice, it's a critical necessity. Establishing a culture of cyber...
CVE-2023-38826
A Cross Site Scripting XSS vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
CVE-2023-38826
A Cross Site Scripting XSS vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
Cross site scripting
A Cross Site Scripting XSS vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
CVE-2023-38826
A Cross Site Scripting XSS vulnerability exists in Follet Learning Solutions Destiny through 20.01U. via the handlewpesearchform.do. searchString...
CVE-2023-38826
CVE-2023-38826 — Follett Destiny (through 20.0 1U) is a Cross Site Scripting (XSS) issue exploitable via the handlewpesearchform.do endpoint, specifically through the searchString parameter. The PT-2023-26613 entry confirms affected software and versions and provides concrete exploit context, inc...
PYSEC-2023-249
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal...
Mlflow Code Issue Vulnerability
Mlflow is an open source platform for machine learning lifecycle. Mlflow suffers from a code issue vulnerability. An attacker exploiting this vulnerability could remotely execute code on a victim computer...
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
By Caitlin Condon, Senior Manager, Vulnerability Research at Rapid7, and Christiaan Beek, Senior Director, Threat Analytics at Rapid7 It’s that time of year again — time for the annual tradition of cybersecurity predictions. Here at Rapid7 we’ve seen a whole lot of threats and exploited...
Chrome starts the countdown to the end of tracking cookies
Google has announced that it will start rolling its Chrome web browsers new Tracking Protection feature from January of 2024. Tracking Protection is part of Google’s Privacy Sandbox initiative to phase out third-party cookies. The Tracking Protection feature aims to disable third-party cookies...
Gradio Command Injection Vulnerability
Gradio is an open source Python library that is a way to demonstrate machine learning models through a friendly web interface. Gradio suffers from a command injection vulnerability that stems from the application exposing sensitive information to unauthorized participants...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges, gain access to sensitive data, or to impersonate another user via a cross-site scripting attack. Such an attack can lead to execution of...
GHSA-M5PC-86X8-WCXG Exposure of Sensitive Information in mltable
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
Exposure of Sensitive Information in mltable
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
Information disclosure
Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability...
CVE-2023-35625 Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability
...
CVE-2023-35625
Azure Machine Learning Compute Instance for SDK Users (CVE-2023-35625) is an information disclosure vulnerability with a CVSS v3.1 base score of 4.7 (Local attack, High confidentiality impact; others not impacted). Affected component is the Azure Machine Learning Compute Instance for SDK Users. R...