Lucene search
K

12 matches found

The Hacker News
The Hacker News
added 2026/04/20 5:14 p.m.9 views

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760 , carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection...

9.8CVSS6.9AI score0.2842EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.16 views

Ollama <= 0.3.14 Multiple Vulnerabilities

The version of Ollama installed on the remote host is prior or equal to 0.3.14. It is, therefore, affected by multiple vulnerabilities, including the following: - A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the...

7.5CVSS7.4AI score0.13476EPSS
Exploits5References8
Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero via the ggufPadding function. An attacker can cause the server to crash by uploading and creating a customized GGUF model file on the server. PoC python import os import json import requests import hashlib if you use th...

8.7CVSS6.9AI score0.13476EPSS
Exploits1References2
OSV
OSV
added 2025/03/20 12:32 p.m.11 views

GHSA-9GCR-28RP-CC24 Ollama Divide By Zero vulnerability

A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service DoS attack...

7.5CVSS7AI score0.13476EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.16 views

Ollama Allows Out-of-Bounds Read

A vulnerability in Ollama versions =0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service DoS attack. The root cause of the issue is an...

7.5CVSS6.5AI score0.00822EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2025/03/20 10:15 a.m.29 views

CVE-2024-12055

A vulnerability in Ollama versions =0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service DoS attack. The root cause of the issue is an...

7.5CVSS0.00822EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.26 views

CVE-2025-0312 NULL Pointer Dereference in ollama/ollama

A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service DoS attack via remote network...

7.5CVSS0.00648EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:10 a.m.8 views

CVE-2025-0317 Divide By Zero in ollama/ollama

A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service DoS attack...

7.5CVSS6AI score0.13476EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.21 views

CVE-2025-0317 Divide By Zero in ollama/ollama

A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service DoS attack...

7.5CVSS0.13476EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:9 a.m.9 views

CVE-2025-0315 Allocation of Resources Without Limits or Throttling in ollama/ollama

A vulnerability in ollama/ollama =0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service DoS attack...

7.5CVSS7AI score0.00672EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/03/20 10:8 a.m.25 views

CVE-2024-12055 DoS using malicious gguf model file in ollama/ollama

A vulnerability in Ollama versions =0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service DoS attack. The root cause of the issue is an...

7.5CVSS0.00822EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.2 views

PT-2025-12312 · Ollama · Ollama

Name of the Vulnerable Software and Affected Versions: ollama/ollama versions prior to 0.3.14 Description: A malicious user can upload and create a customized GGUF model file on the Ollama server, leading to a division by zero error in the ggufPadding function. This error causes the server to...

7.5CVSS7.4AI score0.13476EPSS
Exploits5References18
Rows per page
Query Builder