| Page(s) : 1 ... 150 151 152 153 154 155 156 157 158 159 [160] 161 162 163 164 165 166 167 168 169 170 ... | Result(s) : 43256 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.1 | 2024-06-06 | CVE-2024-24192 | cve | robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename at /src/zonefile-insertion.c. |
| 9.8 | 2024-06-06 | CVE-2024-36736 | cve | An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed. |
| 9.4 | 2024-06-06 | CVE-2024-3033 | cve | An improper authorization vulnerability exists in the mintplex-labs/anything-llm application, specifically within the '/api/v/' endpoint and its sub-routes. This flaw ... |
| 9.8 | 2024-06-06 | CVE-2024-3104 | cve | A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper handling of environment variables. Attackers can exploit this vulnerability by injecti... |
| 9.8 | 2024-06-06 | CVE-2024-5452 | cve | A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagem... |
| 9.8 | 2024-06-06 | CVE-2024-5482 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vul... |
| 9.1 | 2024-06-06 | CVE-2024-1873 | cve | parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed `/select_database` endpoint in version a9d16b0. The endpoint improperly han... |
| 9.8 | 2024-06-06 | CVE-2024-1881 | cve | AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') du... |
| 9.8 | 2024-06-06 | CVE-2024-2359 | cve | A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended access restrictions and execute arbitrary code. The issue arises from the applicatio... |
| 9.8 | 2024-06-06 | CVE-2024-2360 | cve | parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code execution due to insufficient sanitization of user-supplied input in the 'Databas... |
| 9.1 | 2024-06-06 | CVE-2024-2362 | cve | A path traversal vulnerability exists in the parisneo/lollms-webui version 9.3 on the Windows platform. Due to improper validation of file paths between Windows and Linux enviro... |
| 9.8 | 2024-06-06 | CVE-2024-2624 | cve | A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the `@router.get("/switch_personal_path")` endpoint... |
| 9.6 | 2024-06-06 | CVE-2024-3166 | cve | A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest version of the web applicati... |
| 9.8 | 2024-06-06 | CVE-2024-3234 | cve | The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed to restrict user ... |
| 9.8 | 2024-06-06 | CVE-2024-3322 | cve | A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. The vulnerabilit... |
| 9.8 | 2024-06-06 | CVE-2024-3408 | cve | man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. The vulnerability arises from a hardco... |
| 9.8 | 2024-06-06 | CVE-2024-3429 | cve | A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lol... |
| 9.8 | 2024-06-06 | CVE-2024-4320 | cve | A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post... |
| 9.3 | 2024-06-06 | CVE-2024-5328 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application, specifically within the endpoint '/auth/saml/tto/download-idp-xml'. The ... |
| 9.8 | 2024-06-06 | CVE-2024-22074 | cve | Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.... |
| Page(s) : 1 ... 150 151 152 153 154 155 156 157 158 159 [160] 161 162 163 164 165 166 167 168 169 170 ... | Result(s) : 43256 |
