Security
Headlines

Headlines Latest CVEs

Headline

GHSA-4qq5-mxxx-m6gg: MLflow authentication requirement bypass can allow a user to arbitrarily create an account

An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirement.

1 year ago

MLflow authentication requirement bypass can allow a user to arbitrarily create an account

Critical severity GitHub Reviewed Published Nov 16, 2023 to the GitHub Advisory Database • Updated Nov 17, 2023

Related news

An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment.

1 year ago

ghsa: Latest News

GHSA-95m2-chm4-mq7m: PHP-Textile has persistent XSS vulnerability in image link handling

11 hours ago

GHSA-2r2v-9pf8-6342: WireGuard Portal v2 Vulnerable to OAuth Insecure Redirect URI / Account Takeover

13 hours ago

GHSA-r5vf-wf4h-82gg: matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity

13 hours ago

GHSA-f27p-cmv8-xhm6: fetch: Authorization headers not dropped when redirecting cross-origin

1 day ago

GHSA-2p95-8xvm-2pjx: REDAXO CMS Cross-site Scripting vulnerability

1 day ago