| Page(s) : 1 ... 716 717 718 719 720 721 722 723 724 725 [726] 727 728 729 730 731 732 733 734 735 736 ... | Result(s) : 325773 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-8616 | cve | In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDeta... |
| 6.5 | 2025-03-20 | CVE-2024-8736 | cve | A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). The vulnerability can be exploited remotely v... |
| N/A | 2025-03-20 | CVE-2024-8763 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary repository, specifically in the compileTextTemplate function. The affected version is... |
| N/A | 2025-03-20 | CVE-2024-8764 | cve | A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Serv... |
| N/A | 2025-03-20 | CVE-2024-8765 | cve | In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. The system incorrectly identifies certain endpoints as public if the path contains '/au... |
| 9.1 | 2025-03-20 | CVE-2024-8769 | cve | A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative path traversal. The `run_hash` p... |
| N/A | 2025-03-20 | CVE-2024-8789 | cve | Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. The application allows users to upload their own regular expressions... |
| N/A | 2025-03-20 | CVE-2024-8859 | cve | A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol resul... |
| 9.8 | 2025-03-20 | CVE-2024-8898 | cve | A path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo/lollms-webui version V12 (Strawberry). This vulnerability allows attackers to cr... |
| 7.5 | 2025-03-20 | CVE-2024-8952 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint... |
| 9.8 | 2025-03-20 | CVE-2024-8953 | cve | In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code ex... |
| N/A | 2025-03-20 | CVE-2024-8954 | cve | In composiohq/composio version 0.5.10, the API does not validate the `x-api-key` header's value during the authentication step. This vulnerability allows an attacker to byp... |
| N/A | 2025-03-20 | CVE-2024-8955 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the sy... |
| 9.8 | 2025-03-20 | CVE-2024-8958 | cve | In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker ... |
| 7.5 | 2025-03-20 | CVE-2024-8966 | cve | A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number o... |
| N/A | 2025-03-20 | CVE-2024-8982 | cve | A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose ... |
| N/A | 2025-03-20 | CVE-2024-8984 | cve | A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of... |
| 7.5 | 2025-03-20 | CVE-2024-8998 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /{.*?}/ to match user-controlled strings. ... |
| 7.5 | 2025-03-20 | CVE-2024-8999 | cve | lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to ex... |
| 6.5 | 2025-03-20 | CVE-2024-9000 | cve | In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions.... |
| Page(s) : 1 ... 716 717 718 719 720 721 722 723 724 725 [726] 727 728 729 730 731 732 733 734 735 736 ... | Result(s) : 325773 |
