CVE-2023-47631

The CVE-2023-47631 vulnerability affects vantage6-server components where a node does not verify if an image is allowed to run when a misleading parent_id is present. A compromised server could modify the parent_id to execute a non-whitelisted algorithm, since the ID prevents the standard checks ...

CVE-2023-47631 vantage6 Node accepts non-whitelisted algorithms from malicious server

vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. In affected versions a node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a...

CVE-2023-47631 vantage6 Node accepts non-whitelisted algorithms from malicious server

vantage6 is a framework to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. In affected versions a node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a...

NEW RESEARCH: Artificial intelligence and Machine Learning Can Be Used to Stop DAST Attacks Before they Start

Within cloud security, one of the most prevalent tools is dynamic application security testing, or DAST. DAST is a critical component of a robust application security framework, identifying vulnerabilities in your cloud applications either pre or post deployment that can be remediated for a...

MLDB Security Vulnerabilities

MLDB is a machine learning database from MLDB, Inc. A security vulnerability exists in MLDB version v.2017.04.17.0. A remote attacker could exploit the vulnerability to execute arbitrary code via a specially crafted payload to publichtml/doc/index.html...

Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy

ChatGPT and similar Large language models LLMs can be used to write texts about any given subject, at any desired length at a speed unmatched by humans. So its not a surprise that students have been using them to "help" write assignments, much to the dismay of teachers who prefer to receive...

[SECURITY] Fedora 38 Update: mlpack-4.2.1-5.fc38

mlpack is a C++ machine learning library with emphasis on scalability, speed, and ease-of-use. Its aim is to make machine learning possible for novice users by means of a simple, consistent API, while simultaneously exploiting C++ language features to provide maximum performance and maximum...

[SECURITY] Fedora 39 Update: mlpack-4.2.1-5.fc39

mlpack is a C++ machine learning library with emphasis on scalability, speed, and ease-of-use. Its aim is to make machine learning possible for novice users by means of a simple, consistent API, while simultaneously exploiting C++ language features to provide maximum performance and maximum...

[SECURITY] Fedora 37 Update: mlpack-4.2.1-5.fc37

mlpack is a C++ machine learning library with emphasis on scalability, speed, and ease-of-use. Its aim is to make machine learning possible for novice users by means of a simple, consistent API, while simultaneously exploiting C++ language features to provide maximum performance and maximum...

Fedora: Security Advisory (FEDORA-2023-862bb40df5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mlpack (FEDORA-2023-23c0bd9a45)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for mlpack (FEDORA-2023-dde357b985)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-47430

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection.This issue affects The School Management – Education & Learning Management: from n/a through 4.1...

CVE-2022-47430

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection.This issue affects The School Management – Education & Learning Management: from n/a through 4.1...

CVE-2022-47430

CVE-2022-47430 affects The School Management – Education & Learning Management WordPress plugin (versions ≤ 4.1). Affects the plugin via an improper neutralization of SQL elements, enabling SQL Injection. Public records in the sources note the vulnerability severity varies: NVD indicates CVSS v3....

CVE-2022-47430 WordPress The School Management – Education & Learning Management Plugin <= 4.1 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection.This issue affects The School Management – Education & Learning Management: from n/a through 4.1...

CVE-2023-46963

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function...

CVE-2023-46963

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5 allows a remote attacker to obtain sensitive information via the password parameter in the login function...

The vulnerability of the Learning Module component of the ILIAS learning management and support system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Learning Module component of the ILIAS learning management and support system exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity...

CVE-2023-46963

CVE-2023-46963 affects Yunfan Learning Examination System v6.5 from Beijing Yunfan Internet Technology Co.; reported as an information disclosure via the login password parameter. The vulnerability is described as allowing a remote attacker to obtain sensitive data during login. Public details in...