| Page(s) : 1 ... 704 705 706 707 708 709 710 711 712 713 [714] 715 716 717 718 719 720 721 722 723 724 ... | Result(s) : 325738 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-10714 | cve | A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a multipart boundary... |
| 7.5 | 2025-03-20 | CVE-2024-10718 | cve | In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is not set. This could cause the user agent to send those cookies in plaintext ove... |
| 5.4 | 2025-03-20 | CVE-2024-10719 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam version 1.5.2, specifically in the circuits options functionality. This vulnerability allows an attacker to i... |
| 6.1 | 2025-03-20 | CVE-2024-10720 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability occurs in the 'Device Management' section under 'Admi... |
| 5.4 | 2025-03-20 | CVE-2024-10721 | cve | A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the app... |
| 5.4 | 2025-03-20 | CVE-2024-10722 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into the 'Descript... |
| 5.4 | 2025-03-20 | CVE-2024-10723 | cve | A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the des... |
| 5.4 | 2025-03-20 | CVE-2024-10724 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination addre... |
| 5.4 | 2025-03-20 | CVE-2024-10725 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the application... |
| 6.1 | 2025-03-20 | CVE-2024-10727 | cve | A reflected cross-site scripting (XSS) vulnerability exists in phpipam/phpipam versions 1.5.0 through 1.6.0. The vulnerability arises when the application receives data in an HT... |
| N/A | 2025-03-20 | CVE-2024-10762 | cve | In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks prope... |
| N/A | 2025-03-20 | CVE-2024-10812 | cve | An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input i... |
| N/A | 2025-03-20 | CVE-2024-10819 | cve | A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without their consent, exp... |
| N/A | 2025-03-20 | CVE-2024-10821 | cve | A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause... |
| N/A | 2025-03-20 | CVE-2024-10829 | cve | A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive ... |
| N/A | 2025-03-20 | CVE-2024-10830 | cve | A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete an... |
| N/A | 2025-03-20 | CVE-2024-10831 | cve | In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files ... |
| N/A | 2025-03-20 | CVE-2024-10833 | cve | eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to... |
| N/A | 2025-03-20 | CVE-2024-10834 | cve | eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absol... |
| N/A | 2025-03-20 | CVE-2024-10835 | cve | In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be ... |
| Page(s) : 1 ... 704 705 706 707 708 709 710 711 712 713 [714] 715 716 717 718 719 720 721 722 723 724 ... | Result(s) : 325738 |
