| Page(s) : 1 ... 708 709 710 711 712 713 714 715 716 717 [718] 719 720 721 722 723 724 725 726 727 728 ... | Result(s) : 325738 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-12387 | cve | A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The serv... |
| N/A | 2025-03-20 | CVE-2024-12388 | cve | A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse... |
| N/A | 2025-03-20 | CVE-2024-12389 | cve | A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files without proper validati... |
| N/A | 2025-03-20 | CVE-2024-12390 | cve | A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without pro... |
| N/A | 2025-03-20 | CVE-2024-12391 | cve | A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '??????(?????????????)�... |
| N/A | 2025-03-20 | CVE-2024-12392 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download papers from arxiv.org... |
| N/A | 2025-03-20 | CVE-2024-12433 | cve | A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-toke... |
| 9.8 | 2025-03-20 | CVE-2024-12450 | cve | In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing att... |
| N/A | 2025-03-20 | CVE-2024-12534 | cve | In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign-in process due to the lack of... |
| 7.5 | 2025-03-20 | CVE-2024-12537 | cve | In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the `api/v1/utils/code/format` endpoint. If a ... |
| N/A | 2025-03-20 | CVE-2024-12580 | cve | A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection. The parameters sessionId, fileId, userId, and file_id in the /code/download/:ses... |
| N/A | 2025-03-20 | CVE-2024-12704 | cve | A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method execu... |
| N/A | 2025-03-20 | CVE-2024-12720 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vu... |
| N/A | 2025-03-20 | CVE-2024-12759 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-8966. Notes: All CVE users should reference CVE-2024-8966 instead... |
| N/A | 2025-03-20 | CVE-2024-12760 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-4940. Notes: All CVE users should reference CVE-2024-4940 instead... |
| N/A | 2025-03-20 | CVE-2024-12761 | cve | A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the `/api/stablestudio/generate` endpoi... |
| N/A | 2025-03-20 | CVE-2024-12766 | cve | parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnera... |
| N/A | 2025-03-20 | CVE-2024-12775 | cve | langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the test functionality for the Create Custom Tool option via the REST API `POST /co... |
| N/A | 2025-03-20 | CVE-2024-12776 | cve | In langgenius/dify v0.10.1, the `/forgot-password/resets` endpoint does not verify the password reset code, allowing an attacker to reset the password of any user, including adm... |
| N/A | 2025-03-20 | CVE-2024-12777 | cve | A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made ... |
| Page(s) : 1 ... 708 709 710 711 712 713 714 715 716 717 [718] 719 720 721 722 723 724 725 726 727 728 ... | Result(s) : 325738 |
