| Page(s) : 1 ... 66 67 68 69 70 71 72 73 74 75 [76] 77 78 79 80 81 82 83 84 85 86 ... | Result(s) : 287478 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-11039 | cve | A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gpt_academic versions up to and including 3.83. This vulnera... |
| N/A | 2025-03-20 | CVE-2024-11040 | cve | vllm-project vllm version 0.5.2.2 is vulnerable to Denial of Service attacks. The issue occurs in the 'POST /v1/completions' and 'POST /v1/embeddings' endpoi... |
| N/A | 2025-03-20 | CVE-2024-11041 | cve | vllm-project vllm version v0.6.2 contains a vulnerability in the MessageQueue.dequeue() API function. The function uses pickle.loads to parse received sockets directly, leading ... |
| N/A | 2025-03-20 | CVE-2024-11042 | cve | In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to dele... |
| N/A | 2025-03-20 | CVE-2024-11043 | cve | A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessiv... |
| N/A | 2025-03-20 | CVE-2024-11044 | cve | An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a spec... |
| N/A | 2025-03-20 | CVE-2024-11045 | cve | A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a Git... |
| N/A | 2025-03-20 | CVE-2024-11137 | cve | An Insecure Direct Object Reference (IDOR) vulnerability exists in the `PATCH /v1/runs/:id/score` endpoint of lunary-ai/lunary version 1.6.0. This vulnerability allows an attack... |
| N/A | 2025-03-20 | CVE-2024-11167 | cve | An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows authenticated users to delete other users' prompts via the groupid paramete... |
| N/A | 2025-03-20 | CVE-2024-11169 | cve | An unhandled exception in danny-avila/librechat version 3c94ff2 can lead to a server crash. The issue occurs when the fs module throws an exception while handling file uploads. ... |
| N/A | 2025-03-20 | CVE-2024-11170 | cve | A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to improper sanitization of file paths by the multer middleware. This can lead to arbi... |
| N/A | 2025-03-20 | CVE-2024-11171 | cve | In danny-avila/librechat version git 0c2a583, there is an improper input validation vulnerability. The application uses multer middleware for handling multipart file uploads. Wh... |
| N/A | 2025-03-20 | CVE-2024-11172 | cve | A vulnerability in danny-avila/librechat version git a1647d7 allows an unauthenticated attacker to cause a denial of service by sending a crafted payload to the server. The midd... |
| N/A | 2025-03-20 | CVE-2024-11173 | cve | An unhandled exception in the danny-avila/librechat repository, version git 600d217, can cause the server to crash, leading to a full denial of service. This issue occurs when c... |
| N/A | 2025-03-20 | CVE-2024-11300 | cve | In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 a... |
| N/A | 2025-03-20 | CVE-2024-11301 | cve | In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This ... |
| N/A | 2025-03-20 | CVE-2024-11302 | cve | A missing check_access() function in the lollms_binding_infos module of the parisneo/lollms repository, version V14, allows attackers to add, modify, and remove bindings arbitra... |
| N/A | 2025-03-20 | CVE-2024-11441 | cve | A stored cross-site scripting (XSS) vulnerability exists in Serge version 0.9.0. The vulnerability is due to improper neutralization of input during web page generation in the c... |
| N/A | 2025-03-20 | CVE-2024-11449 | cve | A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request Forgery (SSRF) through the /run/predict endpoint. An attacker can gain unauthorized... |
| N/A | 2025-03-20 | CVE-2024-11602 | cve | A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access ... |
| Page(s) : 1 ... 66 67 68 69 70 71 72 73 74 75 [76] 77 78 79 80 81 82 83 84 85 86 ... | Result(s) : 287478 |
