5 matches found
openSUSE Security Advisory (SUSE-SU-2024:3950-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence AI framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an...
govulncheck-vulndb-0.0.20241101T215616-1.1 on GA media (moderate)
govulncheck-vulndb-0.0.20241101T215616-1.1 on GA media Announcement ID: openSUSE-SU-2024:14452-1 Rating: moderate Cross-References: CVE-2024-39720 CVE-2024-50354 CVE-2024-8185 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These a...
GO-2024-3245 Ollama Out-of-bounds Read in github.com/ollama/ollama
Ollama Out-of-bounds Read in github.com/ollama/ollama...
CVE-2024-39720
An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file,...