| Page(s) : 1 ... 721 722 723 724 725 726 727 728 729 730 [731] 732 733 734 735 736 737 738 739 740 741 ... | Result(s) : 325831 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-9431 | cve | In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system, users can change the passwords of othe... |
| N/A | 2025-03-20 | CVE-2024-9437 | cve | SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters,... |
| N/A | 2025-03-20 | CVE-2024-9439 | cve | SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update` API allows attackers to control certain parameters, which are then fed to the ... |
| N/A | 2025-03-20 | CVE-2024-9447 | cve | An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. The `/get/organisation/` endpoint does not verify the user's organizati... |
| N/A | 2025-03-20 | CVE-2024-9597 | cve | A Path Traversal vulnerability exists in the `/wipe_database` endpoint of parisneo/lollms version v12, allowing an attacker to delete any directory on the system. The vulnerabil... |
| 7.5 | 2025-03-20 | CVE-2024-9606 | cve | In berriai/litellm before version 1.44.12, the `litellm/litellm_core_utils/litellm_logging.py` file contains a vulnerability where the API key masking code only masks the first ... |
| 6.5 | 2025-03-20 | CVE-2024-9612 | cve | In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. When the search page is set to be invisible, regular... |
| N/A | 2025-03-20 | CVE-2024-9617 | cve | An IDOR vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to view any files. The application does not verify whether the attacker is the creator of the file, allowi... |
| 5.4 | 2025-03-20 | CVE-2024-9699 | cve | A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a f... |
| N/A | 2025-03-20 | CVE-2024-9701 | cve | A Remote Code Execution (RCE) vulnerability has been identified in the Kedro ShelveStore class (version 0.19.8). This vulnerability allows an attacker to execute arbitrary Pytho... |
| N/A | 2025-03-20 | CVE-2024-9840 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-53981. Notes: All CVE users should reference CVE-2024-53981 inste... |
| N/A | 2025-03-20 | CVE-2024-9847 | cve | FlatPress CMS version latest is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow an attacker to enable or disable plugins on behalf of a victim user. The attac... |
| N/A | 2025-03-20 | CVE-2024-9880 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| 6.1 | 2025-03-20 | CVE-2024-9900 | cve | mudler/localai version v2.21.1 contains a Cross-Site Scripting (XSS) vulnerability in its search functionality. The vulnerability arises due to improper sanitization of user inp... |
| N/A | 2025-03-20 | CVE-2024-9901 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-48057. Notes: All CVE users should reference CVE-2024-48057 inste... |
| N/A | 2025-03-20 | CVE-2024-9919 | cve | A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API... |
| 8.8 | 2025-03-20 | CVE-2024-9920 | cve | In version v12 of parisneo/lollms-webui, the 'Send file to AL' function allows uploading files with various extensions, including potentially dangerous ones like .py, ... |
| N/A | 2025-03-20 | CVE-2025-0182 | cve | A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlett... |
| N/A | 2025-03-20 | CVE-2025-0183 | cve | A stored cross-site scripting (XSS) vulnerability exists in the Latex Proof-Reading Module of binary-husky/gpt_academic version 3.9.0. This vulnerability allows an attacker to i... |
| N/A | 2025-03-20 | CVE-2025-0184 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10.2. The vulnerability occurs in the 'Create Knowledge' section when up... |
| Page(s) : 1 ... 721 722 723 724 725 726 727 728 729 730 [731] 732 733 734 735 736 737 738 739 740 741 ... | Result(s) : 325831 |
