| Page(s) : 1 ... 67 68 69 70 71 72 73 74 75 76 [77] 78 79 80 81 82 83 84 85 86 87 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-11603 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. The vulnerability is present in the `/queue/join?` endpoint, where insufficient vali... |
| N/A | 2025-03-20 | CVE-2024-11821 | cve | A privilege escalation vulnerability exists in langgenius/dify version 0.9.1. This vulnerability allows a normal user to modify Orchestrate instructions for a chatbot created by... |
| N/A | 2025-03-20 | CVE-2024-11822 | cve | langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allow... |
| N/A | 2025-03-20 | CVE-2024-11824 | cve | A stored cross-site scripting (XSS) vulnerability exists in langgenius/dify version latest, specifically in the chat log functionality. The vulnerability arises because certain ... |
| N/A | 2025-03-20 | CVE-2024-11850 | cve | A stored cross-site scripting (XSS) vulnerability exists in the latest version of langgenius/dify. The vulnerability is due to improper validation and sanitization of user input... |
| N/A | 2025-03-20 | CVE-2024-11958 | cve | A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama/llama_index repository, specifically in the latest version. The vulnerability arises fr... |
| N/A | 2025-03-20 | CVE-2024-12029 | cve | A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserial... |
| N/A | 2025-03-20 | CVE-2024-12039 | cve | langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. This allows an unauthenticate... |
| N/A | 2025-03-20 | CVE-2024-12044 | cve | A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The vulnerability is due to the use of the `pickle.loads()` function in the `all_reduce_di... |
| N/A | 2025-03-20 | CVE-2024-12048 | cve | An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14. The application fails to properly check authorization for multipl... |
| N/A | 2025-03-20 | CVE-2024-12055 | cve | A vulnerability in Ollama versions |
| N/A | 2025-03-20 | CVE-2024-12063 | cve | A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with... |
| N/A | 2025-03-20 | CVE-2024-12065 | cve | A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This vulnerability allows an attacker to access any file on the system by sending multiple cr... |
| N/A | 2025-03-20 | CVE-2024-12068 | cve | A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting version git c121f04. This vulnerability allows an attacker to make the server p... |
| N/A | 2025-03-20 | CVE-2024-12070 | cve | A Denial of Service (DoS) vulnerability exists in the file upload feature of haotian-liu/llava, specifically in Release v1.2.0 (LLaVA-1.6). The vulnerability is due to improper ... |
| N/A | 2025-03-20 | CVE-2024-12074 | cve | A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper ha... |
| N/A | 2025-03-20 | CVE-2024-12215 | cve | In kedro-org/kedro version 0.19.8, the `pull_package()` API function allows users to download and extract micro packages from the Internet. However, the function `project_wheel_... |
| N/A | 2025-03-20 | CVE-2024-12216 | cve | A vulnerability in the `ImageClassificationDataset.from_csv()` API of the `dmlc/gluon-cv` repository, version 0.10.0, allows for arbitrary file write. The function downloads and... |
| N/A | 2025-03-20 | CVE-2024-12217 | cve | A vulnerability in the gradio-app/gradio repository, version git 67e4044, allows for path traversal on Windows OS. The implementation of the blocked_path functionality, which is... |
| N/A | 2025-03-20 | CVE-2024-12374 | cve | A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application ... |
| Page(s) : 1 ... 67 68 69 70 71 72 73 74 75 76 [77] 78 79 80 81 82 83 84 85 86 87 ... | Result(s) : 312940 |
