| Page(s) : 1 ... 68 69 70 71 72 73 74 75 76 77 [78] 79 80 81 82 83 84 85 86 87 88 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-12375 | cve | A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitra... |
| N/A | 2025-03-20 | CVE-2024-12376 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. This vulnerability allows ... |
| N/A | 2025-03-20 | CVE-2024-12387 | cve | A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an attacker to crash the server by uploading a specially crafted zip bomb. The serv... |
| N/A | 2025-03-20 | CVE-2024-12388 | cve | A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse... |
| N/A | 2025-03-20 | CVE-2024-12389 | cve | A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files without proper validati... |
| N/A | 2025-03-20 | CVE-2024-12390 | cve | A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution. The application supports the extraction of user-provided RAR files without pro... |
| N/A | 2025-03-20 | CVE-2024-12391 | cve | A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '??????(?????????????)�... |
| N/A | 2025-03-20 | CVE-2024-12392 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version git 310122f. The application has a functionality to download papers from arxiv.org... |
| N/A | 2025-03-20 | CVE-2024-12433 | cve | A vulnerability in infiniflow/ragflow versions v0.12.0 allows for remote code execution. The RPC server in RagFlow uses a hard-coded AuthKey 'authkey=b'infiniflow-toke... |
| N/A | 2025-03-20 | CVE-2024-12450 | cve | In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains multiple vulnerabilities. The function does not filter URL parameters, allowing att... |
| N/A | 2025-03-20 | CVE-2024-12534 | cve | In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign-in process due to the lack of... |
| N/A | 2025-03-20 | CVE-2024-12537 | cve | In version 0.3.32 of open-webui/open-webui, the absence of authentication mechanisms allows any unauthenticated attacker to access the `api/v1/utils/code/format` endpoint. If a ... |
| N/A | 2025-03-20 | CVE-2024-12580 | cve | A vulnerability in danny-avila/librechat prior to version 0.7.6 allows for logs debug injection. The parameters sessionId, fileId, userId, and file_id in the /code/download/:ses... |
| N/A | 2025-03-20 | CVE-2024-12704 | cve | A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method execu... |
| N/A | 2025-03-20 | CVE-2024-12720 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was identified in the huggingface/transformers library, specifically in the file tokenization_nougat_fast.py. The vu... |
| N/A | 2025-03-20 | CVE-2024-12759 | cve | In bentoml/bentoml version 1.3.9, the `/login` endpoint of the newly integrated Gradio app is vulnerable to a Denial of Service (DoS) attack. This vulnerability can be exploited... |
| N/A | 2025-03-20 | CVE-2024-12760 | cve | An open redirect vulnerability in bentoml/bentoml v1.3.9 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can b... |
| N/A | 2025-03-20 | CVE-2024-12761 | cve | A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the `/api/stablestudio/generate` endpoi... |
| N/A | 2025-03-20 | CVE-2024-12766 | cve | parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the `POST /api/proxy` REST API. Attackers can exploit this vulnera... |
| N/A | 2025-03-20 | CVE-2024-12775 | cve | langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the test functionality for the Create Custom Tool option via the REST API `POST /co... |
| Page(s) : 1 ... 68 69 70 71 72 73 74 75 76 77 [78] 79 80 81 82 83 84 85 86 87 88 ... | Result(s) : 312940 |
