Routing Cybersecurity Awareness Training by FFM Personality Trait: A Quasi-Experimental Evaluation

Cybersecurity awareness training has historically adopted a one-size-fits-all approach, despite established individual differences in how users process and retain security information. Personality has been proposed as one axis along which training content might be tailored; yet no prior study has...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: fixed the double-free of ioacctset bioset. Now, ioacctset is allocated and freed within a single operation in the personality context. The code that freed ioacctset during mdfree and mdstop has been removed...

Belief in False Information: A Human-Centered Security Risk in Sociotechnical Systems

This paper provides a comprehensive literature review on the belief in false information, including misinformation, disinformation, and fake information. It addresses the increasing societal concern regarding false information, which is fueled by technological progress, especially advancements in...

CVE-2024-4328

A Cross-Site Request Forgery CSRF vulnerability exists in the clearpersonalityfileslist function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users...

CVE-2024-7058

A vulnerability in the sanitizepath function in parisneo/lollms-webui v10 - latest allows an attacker to bypass path sanitization by using relative paths such as './'. This can lead to unauthorized access to directories within the personalityfolder on the victim's computer...

Relative Path Traversal

Overview lollms is a python library for AI personality definition Affected versions of this package are vulnerable to Relative Path Traversal in the sanitizepath function, which does not account for ./ sequences in pathnames. An attacker can bypass the sanitization to access the contents of...

CVE-2024-7058

A vulnerability in the sanitizepath function in parisneo/lollms-webui v10 - latest allows an attacker to bypass path sanitization by using relative paths such as './'. This can lead to unauthorized access to directories within the personalityfolder on the victim's computer...

CVE-2024-7058

A vulnerability in the sanitizepath function in parisneo/lollms-webui v10 - latest allows an attacker to bypass path sanitization by using relative paths such as './'. This can lead to unauthorized access to directories within the personalityfolder on the victim's computer...

SUSE CVE-2022-49384

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of ioacctset bioset Now ioacctset is alloc and free in personality. Remove the codes that free ioacctset in mdfree and mdstop...

DEBIAN-CVE-2022-49384

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of ioacctset bioset Now ioacctset is alloc and free in personality. Remove the codes that free ioacctset in mdfree and mdstop...

UBUNTU-CVE-2022-49384

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of ioacctset bioset Now ioacctset is alloc and free in personality. Remove the codes that free ioacctset in mdfree and mdstop...

CVE-2022-49384 md: fix double free of io_acct_set bioset

In the Linux kernel, the following vulnerability has been resolved: md: fix double free of ioacctset bioset Now ioacctset is alloc and free in personality. Remove the codes that free ioacctset in mdfree and mdstop...

UBUNTU-CVE-2024-47745

In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler calls dommap directly, which doesn't contain the LSM security check. And if the process has called personalityREADIMPLIESEXEC before and...

Relative Path Traversal

Overview lollms is a python library for AI personality definition Affected versions of this package are vulnerable to Relative Path Traversal due to improper sanitization of the personalityfolder parameter. An attacker can read any folder in the personalityfolder on the victim's computer by...

PYSEC-2024-122

A path traversal vulnerability exists in the api openpersonalityfolder endpoint of parisneo/lollms-webui. This vulnerability allows an attacker to read any folder in the personalityfolder on the victim's computer, even though sanitizepath is set. The issue arises due to improper sanitization of t...

PT-2024-38022 · Unknown · Parisneo/Lollms-Webui +1

Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui affected versions not specified parisneo/lollms affected versions not specified Description: A path traversal issue exists due to improper sanitization of the personality folder parameter in the "api open personality...

lollms path traversal vulnerability

LoLLMs is a Web UI for a large language multimodal system by Saifeddine ALOUI Personal Developer. A path traversal vulnerability exists in lollms version 9.4.0, which stems from a path traversal vulnerability in the etpersonalityconfig endpoint that can be exploited by an attacker to overwrite th...

CVE-2024-4328

A Cross-Site Request Forgery CSRF vulnerability exists in the clearpersonalityfileslist function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users...

schizoid-personality-disorder-test.okcupid-com.freecougardatingsite.com Cross Site Scripting vulnerability OBB-3355809

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

MAL-2023-867 Malicious code in the-four-tendencies-the-indispensable-personality-profiles-that-reveal-how-to-make-your-life-better- (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3e9297cd32e9acc254a75e4a5d526916cc24499d026cbc04de40218284ff849 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...