| Page(s) : 1 ... 701 702 703 704 705 706 707 708 709 710 [711] 712 713 714 715 716 717 718 719 720 721 ... | Result(s) : 299944 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2025-0191 | cve | A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-d... |
| N/A | 2025-03-20 | CVE-2025-0192 | cve | A stored Cross-site Scripting (XSS) vulnerability exists in the latest version of wandb/openui. The vulnerability is present in the edit HTML functionality, where an attacker ca... |
| 5.4 | 2025-03-20 | CVE-2025-0281 | cve | A stored cross-site scripting (XSS) vulnerability exists in lunary-ai/lunary versions 1.6.7 and earlier. An attacker can inject malicious JavaScript into the SAML IdP XML metada... |
| 7.5 | 2025-03-20 | CVE-2025-0312 | cve | A vulnerability in ollama/ollama versions |
| N/A | 2025-03-20 | CVE-2025-0313 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 inste... |
| 7.5 | 2025-03-20 | CVE-2025-0315 | cve | A vulnerability in ollama/ollama |
| 7.5 | 2025-03-20 | CVE-2025-0317 | cve | A vulnerability in ollama/ollama versions |
| N/A | 2025-03-20 | CVE-2025-0330 | cve | In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability expo... |
| N/A | 2025-03-20 | CVE-2025-0452 | cve | eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to proper... |
| 7.5 | 2025-03-20 | CVE-2025-0453 | cve | In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all... |
| N/A | 2025-03-20 | CVE-2025-0454 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due ... |
| N/A | 2025-03-20 | CVE-2025-0508 | cve | A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows bei... |
| N/A | 2025-03-20 | CVE-2025-0628 | cve | An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the applicatio... |
| N/A | 2025-03-20 | CVE-2025-0655 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-55890. Notes: All CVE users should reference CVE-2024-55890 inste... |
| 8.8 | 2025-03-20 | CVE-2025-1040 | cve | AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the im... |
| 7.5 | 2025-03-20 | CVE-2025-1451 | cve | A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart boundaries in file uploads. The server does not limit or validate the length of ... |
| N/A | 2025-03-20 | CVE-2025-1473 | cve | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new ... |
| 5.5 | 2025-03-20 | CVE-2025-1474 | cve | In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without pas... |
| N/A | 2025-03-20 | CVE-2025-1796 | cve | A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PR... |
| N/A | 2025-03-20 | CVE-2025-30259 | cve | The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to mess... |
| Page(s) : 1 ... 701 702 703 704 705 706 707 708 709 710 [711] 712 713 714 715 716 717 718 719 720 721 ... | Result(s) : 299944 |
