Security
Headlines
HeadlinesLatestCVEs

Tag

#amazon

Ubuntu Security Notice USN-6724-1

Ubuntu Security Notice 6724-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

Packet Storm
Open in Source
#vulnerability#web#android#google#microsoft#amazon#ubuntu#linux#dos#oracle#perl#samba#aws#lenovo
Critical Bugs Put Hugging Face AI Platform in a 'Pickle'

One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-service more broadly.

5 Best Crypto Marketing Agencies for Web3 Security Brands in 2024

By Uzair Amir It seems each week brings news of another attack – millions drained from DeFi protocols, NFTs swiped, and… This is a post from HackRead.com Read the original post: 5 Best Crypto Marketing Agencies for Web3 Security Brands in 2024

Fortanix Builds Private Search for AI

Fortanix is working on technologies to build a security wall around AI search.

Microsoft Beefs Up Defenses in Azure AI

Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.

Facebook spied on Snapchat users to get analytics about the competition

Facebook is accused of using potentially criminal methods to spy on Snapchat users to gain a commercial advantage over its competition.

New ShadowRay Campaign Targets Ray AI Framework in Global Attack

By Waqas An unpatched vulnerability is exposing the Ray AI framework to the "ShadowRay" attack! This is a post from HackRead.com Read the original post: New ShadowRay Campaign Targets Ray AI Framework in Global Attack

Ubuntu Security Notice USN-6707-3

Ubuntu Security Notice 6707-3 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6701-3

Ubuntu Security Notice 6701-3 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.