7047 matches found
PT-2023-13714 · Vantage6 · Vantage6
Name of the Vulnerable Software and Affected Versions: vantage6 versions prior to 3.8.0 Description: vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. It does not inform the user of wrong username/password combination if the username actually exists, ...
CVE-2023-0548
The Namaste! LMS WordPress plugin before 2.5.9.4 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Putting Undetectable Backdoors in Machine Learning Models
This is really interesting research from a few months ago: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raise...
Microsoft Azure Machine Learning Service Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of credentials within Azure Machine Learning Service workbooks. The issue results from storing...
Hardcoded credentials
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links i.e. creating a Gradio app and then setting share=True, a private SSH key is sent to any...
CVE-2023-25823 Gradio contains Use of Hard-coded Credentials
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links i.e. creating a Gradio app and then setting share=True, a private SSH key is sent to any...
CVE-2023-25823 Gradio contains Use of Hard-coded Credentials
Gradio is an open-source Python library to build machine learning and data science demos and web applications. Versions prior to 3.13.1 contain Use of Hard-coded Credentials. When using Gradio's share links i.e. creating a Gradio app and then setting share=True, a private SSH key is sent to any...
CVE-2023-25823
Gradio (Python library) is affected by CVE-2023-25823 in versions prior to 3.13.1, where using share links (share=True) causes a private SSH key to be sent to connected users. This can let an attacker access other users’ shared Gradio demos and, depending on exposure, perform further exploits. Th...
The Future of Network Security: Predictive Analytics and ML-Driven Solutions
As the digital age evolves and continues to shape the business landscape, corporate networks have become increasingly complex and distributed. The amount of data a company collects to detect malicious behaviour constantly increases, making it challenging to detect deceptive and unknown attack...
The Future of Network Security: Predictive Analytics and ML-Driven Solutions
As the digital age evolves and continues to shape the business landscape, corporate networks have become increasingly complex and distributed. The amount of data a company collects to detect malicious behaviour constantly increases, making it challenging to detect deceptive and unknown attack...
February 21, 2023—KB5022905 (OS Build 22000.1641) Preview
February 21, 2023—KB5022905 OS Build 22000.1641 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page.Note Follow @WindowsUpdate to...
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. "The Privacy Sandbox Beta provides new APIs that are designed with privacy at the core, and don't use identifiers that can track your activity across apps...
SUSE CVE-2019-15753
In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instance...
CVE-2023-23382
Azure Machine Learning Compute Instance Information Disclosure Vulnerability...
CVE-2023-23382
Azure Machine Learning Compute Instance Information Disclosure Vulnerability...
CVE-2023-23382
Azure Machine Learning Compute Instance Information Disclosure Vulnerability...
Information disclosure
Azure Machine Learning Compute Instance Information Disclosure Vulnerability...
CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability
...
CVE-2023-23382
CVE-2023-23382 affects Azure Machine Learning Compute Instance. Multiple sources describe an information-disclosure vulnerability in the Compute Instance that can be exploited remotely to access sensitive data. CVSSv3 base score is 6.5 (MEDIUM) with network access, low attack complexity and low p...
CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability
...