| Page(s) : 1 ... 74 75 76 77 78 79 80 81 82 83 [84] 85 86 87 88 89 90 91 92 93 94 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-8502 | cve | A vulnerability in the RpcAgentServerLauncher class of modelscope/agentscope v0.0.6a3 allows for remote code execution (RCE) via deserialization of untrusted data using the dill... |
| N/A | 2025-03-20 | CVE-2024-8524 | cve | A directory traversal vulnerability exists in modelscope/agentscope version 0.0.4. An attacker can exploit this vulnerability to read any local JSON file by sending a crafted PO... |
| N/A | 2025-03-20 | CVE-2024-8537 | cve | A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing a... |
| N/A | 2025-03-20 | CVE-2024-8551 | cve | A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attac... |
| N/A | 2025-03-20 | CVE-2024-8556 | cve | A stored cross-site scripting (XSS) vulnerability exists in modelscope/agentscope, as of the latest commit 21161fe on the main branch. The vulnerability occurs in the view for i... |
| N/A | 2025-03-20 | CVE-2024-8581 | cve | A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an attacker to delete any file or directory on the system. The function does not im... |
| N/A | 2025-03-20 | CVE-2024-8613 | cve | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due to improper h... |
| N/A | 2025-03-20 | CVE-2024-8616 | cve | In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDeta... |
| N/A | 2025-03-20 | CVE-2024-8736 | cve | A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). The vulnerability can be exploited remotely v... |
| N/A | 2025-03-20 | CVE-2024-8763 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary repository, specifically in the compileTextTemplate function. The affected version is... |
| N/A | 2025-03-20 | CVE-2024-8764 | cve | A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Serv... |
| N/A | 2025-03-20 | CVE-2024-8765 | cve | In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. The system incorrectly identifies certain endpoints as public if the path contains '/au... |
| N/A | 2025-03-20 | CVE-2024-8769 | cve | A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative path traversal. The `run_hash` p... |
| N/A | 2025-03-20 | CVE-2024-8789 | cve | Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. The application allows users to upload their own regular expressions... |
| N/A | 2025-03-20 | CVE-2024-8859 | cve | A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol resul... |
| N/A | 2025-03-20 | CVE-2024-8898 | cve | A path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo/lollms-webui version V12 (Strawberry). This vulnerability allows attackers to cr... |
| N/A | 2025-03-20 | CVE-2024-8952 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.2, specifically in the /api/actions/execute/WEBTOOL_SCRAPE_WEBSITE_CONTENT endpoint... |
| N/A | 2025-03-20 | CVE-2024-8953 | cve | In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code ex... |
| N/A | 2025-03-20 | CVE-2024-8954 | cve | In composiohq/composio version 0.5.10, the API does not validate the `x-api-key` header's value during the authentication step. This vulnerability allows an attacker to byp... |
| N/A | 2025-03-20 | CVE-2024-8955 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in composiohq/composio version v0.4.4. This vulnerability allows an attacker to read the contents of any file in the sy... |
| Page(s) : 1 ... 74 75 76 77 78 79 80 81 82 83 [84] 85 86 87 88 89 90 91 92 93 94 ... | Result(s) : 312940 |
