| Page(s) : 1 ... 689 690 691 692 693 694 695 696 697 698 [699] 700 701 702 703 704 705 706 707 708 709 ... | Result(s) : 299922 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-11302 | cve | A missing check_access() function in the lollms_binding_infos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitra... |
| N/A | 2025-03-20 | CVE-2024-11441 | cve | A stored cross-site scripting (XSS) vulnerability exists in Serge version 0.9.0. The vulnerability is due to improper neutralization of input during web page generation in the c... |
| N/A | 2025-03-20 | CVE-2024-11449 | cve | A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request Forgery (SSRF) through the /run/predict endpoint. An attacker can gain unauthorized... |
| N/A | 2025-03-20 | CVE-2024-11602 | cve | A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access ... |
| N/A | 2025-03-20 | CVE-2024-11603 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. The vulnerability is present in the `/queue/join?` endpoint, where insufficient vali... |
| N/A | 2025-03-20 | CVE-2024-11821 | cve | A privilege escalation vulnerability exists in langgenius/dify version 0.9.1. This vulnerability allows a normal user to modify Orchestrate instructions for a chatbot created by... |
| 7.5 | 2025-03-20 | CVE-2024-11822 | cve | langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allow... |
| N/A | 2025-03-20 | CVE-2024-11824 | cve | A stored cross-site scripting (XSS) vulnerability exists in langgenius/dify version latest, specifically in the chat log functionality. The vulnerability arises because certain ... |
| N/A | 2025-03-20 | CVE-2024-11850 | cve | A stored cross-site scripting (XSS) vulnerability exists in the latest version of langgenius/dify. The vulnerability is due to improper validation and sanitization of user input... |
| N/A | 2025-03-20 | CVE-2024-11958 | cve | A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises fr... |
| N/A | 2025-03-20 | CVE-2024-12029 | cve | A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserial... |
| N/A | 2025-03-20 | CVE-2024-12039 | cve | langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. This allows an unauthenticate... |
| N/A | 2025-03-20 | CVE-2024-12044 | cve | A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The vulnerability is due to the use of the `pickle.loads()` function in the `all_reduce_di... |
| N/A | 2025-03-20 | CVE-2024-12048 | cve | An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14. The application fails to properly check authorization for multipl... |
| 7.5 | 2025-03-20 | CVE-2024-12055 | cve | A vulnerability in Ollama versions |
| N/A | 2025-03-20 | CVE-2024-12063 | cve | A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with... |
| N/A | 2025-03-20 | CVE-2024-12065 | cve | A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This vulnerability allows an attacker to access any file on the system by sending multiple cr... |
| N/A | 2025-03-20 | CVE-2024-12068 | cve | A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting version git c121f04. This vulnerability allows an attacker to make the server p... |
| N/A | 2025-03-20 | CVE-2024-12070 | cve | A Denial of Service (DoS) vulnerability exists in the file upload feature of haotian-liu/llava, specifically in Release v1.2.0 (LLaVA-1.6). The vulnerability is due to improper ... |
| N/A | 2025-03-20 | CVE-2024-12074 | cve | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper ha... |
| Page(s) : 1 ... 689 690 691 692 693 694 695 696 697 698 [699] 700 701 702 703 704 705 706 707 708 709 ... | Result(s) : 299922 |
