| Page(s) : 1 ... 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-8958 | cve | In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker ... |
| N/A | 2025-03-20 | CVE-2024-8966 | cve | A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. An attacker can append a large number o... |
| N/A | 2025-03-20 | CVE-2024-8982 | cve | A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose ... |
| N/A | 2025-03-20 | CVE-2024-8984 | cve | A Denial of Service (DoS) vulnerability exists in berriai/litellm version v1.44.5. This vulnerability can be exploited by appending characters, such as dashes (-), to the end of... |
| N/A | 2025-03-20 | CVE-2024-8998 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version git f07a845. The server uses the regex /{.*?}/ to match user-controlled strings. ... |
| N/A | 2025-03-20 | CVE-2024-8999 | cve | lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to ex... |
| N/A | 2025-03-20 | CVE-2024-9000 | cve | In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions.... |
| N/A | 2025-03-20 | CVE-2024-9016 | cve | man-group dtale version |
| N/A | 2025-03-20 | CVE-2024-9052 | cve | vllm-project vllm version 0.6.0 contains a vulnerability in the distributed training API. The function vllm.distributed.GroupCoordinator.recv_object() deserializes received obje... |
| N/A | 2025-03-20 | CVE-2024-9053 | cve | vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_... |
| N/A | 2025-03-20 | CVE-2024-9056 | cve | BentoML version v1.3.4post1 is vulnerable to a Denial of Service (DoS) attack. The vulnerability can be exploited by appending characters, such as dashes (-), to the end of a mu... |
| N/A | 2025-03-20 | CVE-2024-9070 | cve | A deserialization vulnerability exists in BentoML's runner server in bentoml/bentoml versions |
| N/A | 2025-03-20 | CVE-2024-9095 | cve | In lunary-ai/lunary version v1.4.28, the /bigquery API route lacks proper access control, allowing any logged-in user to create a Datastream to Google BigQuery and export the en... |
| N/A | 2025-03-20 | CVE-2024-9096 | cve | In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to modify checklists by sending a PATCH request. The route lacks proper access control, ... |
| N/A | 2025-03-20 | CVE-2024-9098 | cve | In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where admins can invite new members with billing permissions, thereby gaining unauthorized... |
| N/A | 2025-03-20 | CVE-2024-9099 | cve | In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers ... |
| N/A | 2025-03-20 | CVE-2024-9107 | cve | A stored cross-site scripting (XSS) vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, affecting version git 20b2e02. The vulnerability arises from improper sani... |
| N/A | 2025-03-20 | CVE-2024-9159 | cve | An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to restart the server at will, leading to a ... |
| N/A | 2025-03-20 | CVE-2024-9216 | cve | An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat history. The vulne... |
| N/A | 2025-03-20 | CVE-2024-9229 | cve | A Denial of Service (DoS) vulnerability in the file upload feature of stangirard/quivr v0.0.298 allows unauthenticated attackers to cause excessive resource consumption by appen... |
| Page(s) : 1 ... 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 ... | Result(s) : 312940 |
