| Page(s) : 1 ... 691 692 693 694 695 696 697 698 699 700 [701] 702 703 704 705 706 707 708 709 710 711 ... | Result(s) : 299940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-12217 | cve | A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blocked_path functionality, which is... |
| N/A | 2025-03-20 | CVE-2024-12374 | cve | A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application ... |
| N/A | 2025-03-20 | CVE-2024-12375 | cve | A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitra... |
| N/A | 2025-03-20 | CVE-2024-12376 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows ... |
| N/A | 2025-03-20 | CVE-2024-12387 | cve | A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The serv... |
| N/A | 2025-03-20 | CVE-2024-12388 | cve | A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse... |
| N/A | 2025-03-20 | CVE-2024-12389 | cve | A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files without proper validati... |
| N/A | 2025-03-20 | CVE-2024-12390 | cve | A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without pro... |
| N/A | 2025-03-20 | CVE-2024-12391 | cve | A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '??????(?????????????)�... |
| N/A | 2025-03-20 | CVE-2024-12392 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download papers from arxiv.org... |
| N/A | 2025-03-20 | CVE-2024-12433 | cve | A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-toke... |
| 9.8 | 2025-03-20 | CVE-2024-12450 | cve | In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing att... |
| N/A | 2025-03-20 | CVE-2024-12534 | cve | In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign-in process due to the lack of... |
| 7.5 | 2025-03-20 | CVE-2024-12537 | cve | In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the `api/v1/utils/code/format` endpoint. If a ... |
| N/A | 2025-03-20 | CVE-2024-12580 | cve | A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection. The parameters sessionId, fileId, userId, and file_id in the /code/download/:ses... |
| N/A | 2025-03-20 | CVE-2024-12704 | cve | A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method execu... |
| N/A | 2025-03-20 | CVE-2024-12720 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vu... |
| N/A | 2025-03-20 | CVE-2024-12759 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-8966. Notes: All CVE users should reference CVE-2024-8966 instead... |
| N/A | 2025-03-20 | CVE-2024-12760 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-4940. Notes: All CVE users should reference CVE-2024-4940 instead... |
| N/A | 2025-03-20 | CVE-2024-12761 | cve | A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the `/api/stablestudio/generate` endpoi... |
| Page(s) : 1 ... 691 692 693 694 695 696 697 698 699 700 [701] 702 703 704 705 706 707 708 709 710 711 ... | Result(s) : 299940 |
