| Page(s) : 1 ... 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 ... | Result(s) : 287478 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-10707 | cve | gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component gr.JSON, which has a known issue (CVE-2... |
| N/A | 2025-03-20 | CVE-2024-10713 | cve | A vulnerability in szad670401/hyperlpr v3.0 allows for a Denial of Service (DoS) attack. The server fails to handle excessive characters appended to the end of multipart boundar... |
| N/A | 2025-03-20 | CVE-2024-10714 | cve | A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a multipart boundary... |
| N/A | 2025-03-20 | CVE-2024-10718 | cve | In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is not set. This could cause the user agent to send those cookies in plaintext ove... |
| N/A | 2025-03-20 | CVE-2024-10719 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam version 1.5.2, specifically in the circuits options functionality. This vulnerability allows an attacker to i... |
| N/A | 2025-03-20 | CVE-2024-10720 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability occurs in the 'Device Management' section under 'Admi... |
| N/A | 2025-03-20 | CVE-2024-10721 | cve | A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the app... |
| N/A | 2025-03-20 | CVE-2024-10722 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into the 'Descript... |
| N/A | 2025-03-20 | CVE-2024-10723 | cve | A stored cross-site scripting (XSS) vulnerability was discovered in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the des... |
| N/A | 2025-03-20 | CVE-2024-10724 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2, specifically in the Subnet NAT translations section when editing the Destination addre... |
| N/A | 2025-03-20 | CVE-2024-10725 | cve | A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. This vulnerability allows an attacker to inject malicious scripts into the application... |
| N/A | 2025-03-20 | CVE-2024-10727 | cve | A reflected cross-site scripting (XSS) vulnerability exists in phpipam/phpipam versions 1.5.0 through 1.6.0. The vulnerability arises when the application receives data in an HT... |
| N/A | 2025-03-20 | CVE-2024-10762 | cve | In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks prope... |
| N/A | 2025-03-20 | CVE-2024-10812 | cve | An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input i... |
| N/A | 2025-03-20 | CVE-2024-10819 | cve | A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic allows an attacker to trick a user into uploading files without their consent, exp... |
| N/A | 2025-03-20 | CVE-2024-10821 | cve | A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause... |
| N/A | 2025-03-20 | CVE-2024-10829 | cve | A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive ... |
| N/A | 2025-03-20 | CVE-2024-10830 | cve | A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete an... |
| N/A | 2025-03-20 | CVE-2024-10831 | cve | In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files ... |
| N/A | 2025-03-20 | CVE-2024-10833 | cve | eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to... |
| Page(s) : 1 ... 64 65 66 67 68 69 70 71 72 73 [74] 75 76 77 78 79 80 81 82 83 84 ... | Result(s) : 287478 |
