| Page(s) : 1 ... 715 716 717 718 719 720 721 722 723 724 [725] 726 727 728 729 730 731 732 733 734 735 ... | Result(s) : 325773 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.1 | 2025-03-20 | CVE-2024-8101 | cve | A stored cross-site scripting (XSS) vulnerability exists in the Text Explorer component of aimhubio/aim version 3.23.0. The vulnerability arises due to the use of `dangerouslySe... |
| 9.8 | 2025-03-20 | CVE-2024-8156 | cve | A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input `github.head.ref` is used insecurely, all... |
| N/A | 2025-03-20 | CVE-2024-8183 | cve | A CORS (Cross-Origin Resource Sharing) misconfiguration in prefecthq/prefect version 2.20.2 allows unauthorized domains to access sensitive data. This vulnerability can lead to ... |
| N/A | 2025-03-20 | CVE-2024-8196 | cve | In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server port 3001 on 0.0.0.0 with no authentication by default. This vulnerability allows... |
| N/A | 2025-03-20 | CVE-2024-8238 | cve | In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safer_getattr() function from RestrictedPython. This version does not protect against... |
| N/A | 2025-03-20 | CVE-2024-8248 | cve | A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041 allows for path traversal, leading to arbitrary file read and write in the storag... |
| N/A | 2025-03-20 | CVE-2024-8249 | cve | mintplex-labs/anything-llm version git 6dc3642 contains an unauthenticated Denial of Service (DoS) vulnerability in the API for the embeddable chat functionality. An attacker ca... |
| N/A | 2025-03-20 | CVE-2024-8251 | cve | A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection. The issue exists in the API endpoint "/embed/:embedId/stream-chat" where user-p... |
| 5.4 | 2025-03-20 | CVE-2024-8400 | cve | A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability allows an attacker to upload a malicious HTML fil... |
| N/A | 2025-03-20 | CVE-2024-8438 | cve | A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint `/api/file` does not properly sanitize the `path` parameter, allowing an attacke... |
| 9.8 | 2025-03-20 | CVE-2024-8487 | cve | A Cross-Origin Resource Sharing (CORS) vulnerability exists in modelscope/agentscope version v0.0.4. The CORS configuration on the agentscope server does not properly restrict a... |
| N/A | 2025-03-20 | CVE-2024-8489 | cve | A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server, allows for Cross-Site Request Forgery (CSRF) due to overly permissive CORS header... |
| 8.8 | 2025-03-20 | CVE-2024-8501 | cve | An arbitrary file download vulnerability exists in the rpc_agent_client component of modelscope/agentscope version v0.0.4. This vulnerability allows any user to download any fil... |
| N/A | 2025-03-20 | CVE-2024-8502 | cve | A vulnerability in the RpcAgentServerLauncher class of modelscope/agentscope v0.0.6a3 allows for remote code execution (RCE) via deserialization of untrusted data using the dill... |
| 7.5 | 2025-03-20 | CVE-2024-8524 | cve | A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted PO... |
| N/A | 2025-03-20 | CVE-2024-8537 | cve | A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing a... |
| N/A | 2025-03-20 | CVE-2024-8551 | cve | A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attac... |
| 6.1 | 2025-03-20 | CVE-2024-8556 | cve | A stored cross-site scripting (XSS) vulnerability exists in modelscope/agentscope, as of the latest commit 21161fe on the main branch. The vulnerability occurs in the view for i... |
| N/A | 2025-03-20 | CVE-2024-8581 | cve | A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an attacker to delete any file or directory on the system. The function does not im... |
| N/A | 2025-03-20 | CVE-2024-8613 | cve | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due to improper h... |
| Page(s) : 1 ... 715 716 717 718 719 720 721 722 723 724 [725] 726 727 728 729 730 731 732 733 734 735 ... | Result(s) : 325773 |
