Security News > 2024 > June > Ollama drama as 'easy-to-exploit' critical flaw found in open source AI server
![Ollama drama as 'easy-to-exploit' critical flaw found in open source AI server](/static/build/img/news/ollama-drama-as-easy-to-exploit-critical-flaw-found-in-open-source-ai-server-medium.jpg)
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests.
Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Information regarding which content is presented to you and how you interact with it can be used to determine whether the content e.g. reached its intended audience and matched your interests.
Reports can be generated based on the combination of data sets regarding your interactions and those of other users with advertising or content to identify common characteristics.
Content presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type, or which content you are interacting with.
Certain information is used to ensure the technical compatibility of the content or advertising, and to facilitate the transmission of the content or ad to your device.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/06/24/rce_ollama_wiz/
Related news
- Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw (source)
- How AI affects vulnerability management in open-source software (source)
- Is an open-source AI vulnerability next? (source)
- Critical GitHub Enterprise Server Flaw Allows Authentication Bypass (source)
- Authelia: Open-source authentication and authorization server (source)
- GitHub Enterprise Server patches 10-outta-10 critical hole (source)
- Chronon: Open-source data platform for AI/ML applications (source)
- RansomLord: Open-source anti-ransomware exploit tool (source)
- PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992) (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)