| Page(s) : 1 ... 710 711 712 713 714 715 716 717 718 719 [720] 721 722 723 724 725 726 727 728 729 730 ... | Result(s) : 325773 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-12392 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download papers from arxiv.org... |
| N/A | 2025-03-20 | CVE-2024-12433 | cve | A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-toke... |
| 9.8 | 2025-03-20 | CVE-2024-12450 | cve | In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing att... |
| N/A | 2025-03-20 | CVE-2024-12534 | cve | In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign-in process due to the lack of... |
| 7.5 | 2025-03-20 | CVE-2024-12537 | cve | In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the `api/v1/utils/code/format` endpoint. If a ... |
| N/A | 2025-03-20 | CVE-2024-12580 | cve | A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection. The parameters sessionId, fileId, userId, and file_id in the /code/download/:ses... |
| N/A | 2025-03-20 | CVE-2024-12704 | cve | A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method execu... |
| N/A | 2025-03-20 | CVE-2024-12720 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vu... |
| N/A | 2025-03-20 | CVE-2024-12759 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-8966. Notes: All CVE users should reference CVE-2024-8966 instead... |
| N/A | 2025-03-20 | CVE-2024-12760 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-4940. Notes: All CVE users should reference CVE-2024-4940 instead... |
| N/A | 2025-03-20 | CVE-2024-12761 | cve | A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the `/api/stablestudio/generate` endpoi... |
| N/A | 2025-03-20 | CVE-2024-12766 | cve | parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnera... |
| N/A | 2025-03-20 | CVE-2024-12775 | cve | langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the test functionality for the Create Custom Tool option via the REST API `POST /co... |
| N/A | 2025-03-20 | CVE-2024-12776 | cve | In langgenius/dify v0.10.1, the `/forgot-password/resets` endpoint does not verify the password reset code, allowing an attacker to reset the password of any user, including adm... |
| N/A | 2025-03-20 | CVE-2024-12777 | cve | A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made ... |
| N/A | 2025-03-20 | CVE-2024-12778 | cve | A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service (DoS) attack. The issue arises when a large number of tracked metrics are retrieved simultaneously ... |
| 7.5 | 2025-03-20 | CVE-2024-12779 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversa... |
| N/A | 2025-03-20 | CVE-2024-12864 | cve | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything version v2.0.0. The vulnerability is due to improper handling of fo... |
| N/A | 2025-03-20 | CVE-2024-12866 | cve | A local file inclusion vulnerability exists in netease-youdao/qanything version v2.0.0. This vulnerability allows an attacker to read arbitrary files on the file system, which c... |
| N/A | 2025-03-20 | CVE-2024-12868 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-47874. Notes: All CVE users should reference CVE-2024-47874 inste... |
| Page(s) : 1 ... 710 711 712 713 714 715 716 717 718 719 [720] 721 722 723 724 725 726 727 728 729 730 ... | Result(s) : 325773 |
