| Page(s) : 1 ... 702 703 704 705 706 707 708 709 710 711 [712] 713 714 715 716 717 718 719 720 721 722 ... | Result(s) : 325738 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2025-1385 | cve | When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a sp... |
| 9.8 | 2025-03-20 | CVE-2025-2505 | cve | The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possibl... |
| N/A | 2025-03-20 | CVE-2024-47552 | cve | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Users are recommended to u... |
| N/A | 2025-03-20 | CVE-2024-54016 | cve | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through |
| N/A | 2025-03-20 | CVE-2024-0245 | cve | A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permi... |
| N/A | 2025-03-20 | CVE-2024-0640 | cve | A stored cross-site scripting (XSS) vulnerability exists in chatwoot/chatwoot versions 3.0.0 to 3.5.1. This vulnerability allows an admin user to inject malicious JavaScript cod... |
| N/A | 2025-03-20 | CVE-2024-10019 | cve | A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry) allows for path traversal and OS command injection. The function does not properly s... |
| N/A | 2025-03-20 | CVE-2024-10047 | cve | parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending ... |
| N/A | 2025-03-20 | CVE-2024-10051 | cve | Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service (DoS) attack. The vulnerability exists in the file upload request handling, where appending charact... |
| N/A | 2025-03-20 | CVE-2024-10096 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-03-20 | CVE-2024-10109 | cve | A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint "/api/system/custom-models". ... |
| N/A | 2025-03-20 | CVE-2024-10110 | cve | In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being bloc... |
| N/A | 2025-03-20 | CVE-2024-10188 | cve | A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user... |
| N/A | 2025-03-20 | CVE-2024-10190 | cve | Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the... |
| N/A | 2025-03-20 | CVE-2024-10225 | cve | A vulnerability in haotian-liu/llava v1.2.0 allows an attacker to cause a Denial of Service (DoS) by appending a large number of characters to the end of a multipart boundary in... |
| N/A | 2025-03-20 | CVE-2024-10252 | cve | A vulnerability in langgenius/dify versions |
| N/A | 2025-03-20 | CVE-2024-10264 | cve | HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy... |
| N/A | 2025-03-20 | CVE-2024-10267 | cve | An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. An attacker can leak sensitive user information, including names, emails, an... |
| N/A | 2025-03-20 | CVE-2024-10272 | cve | lunary-ai/lunary is vulnerable to broken access control in the latest version. An attacker can view the content of any dataset without any kind of authorization by sending a GET... |
| N/A | 2025-03-20 | CVE-2024-10273 | cve | In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models do... |
| Page(s) : 1 ... 702 703 704 705 706 707 708 709 710 711 [712] 713 714 715 716 717 718 719 720 721 722 ... | Result(s) : 325738 |
