GHSA-7m27-7ghc-44w9: Next.js Allows a Denial of Service (DoS) with Server Actions

GHSA-q9jv-mm3r-j47r: PhpSpreadsheet allows bypass XSS sanitizer using the javascript protocol and special characters

GHSA-hwcp-2h35-p66w: PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability of the hyperlink base in the HTML page header

GHSA-wv23-996v-q229: PhpSpreadsheet has a Cross-Site Scripting (XSS) vulnerability in custom properties

GHSA-j2xg-cjcx-4677: PhpSpreadsheet allows unauthorized Reflected XSS in Currency.php file

Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion).

**Ollama DNS rebinding vulnerability**

High severity GitHub Reviewed Published Apr 8, 2024 to the GitHub Advisory Database • Updated Apr 8, 2024

Headline

GHSA-5jx5-hqx5-2vrj: Ollama DNS rebinding vulnerability

ghsa: Latest News