| Page(s) : 1 ... 76 77 78 79 80 81 82 83 84 85 [86] 87 88 89 90 91 92 93 94 95 96 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2024-9308 | cve | An open redirect vulnerability in haotian-liu/llava version v1.2.0 (LLaVA-1.6) allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially c... |
| N/A | 2025-03-20 | CVE-2024-9309 | cve | A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 (LLaV... |
| N/A | 2025-03-20 | CVE-2024-9311 | cve | A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows an attacker to upload files with malicious content without authentication or use... |
| N/A | 2025-03-20 | CVE-2024-9340 | cve | A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart ... |
| N/A | 2025-03-20 | CVE-2024-9362 | cve | An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest version. This vulnerability allows an attacker to retrieve directory information an... |
| N/A | 2025-03-20 | CVE-2024-9363 | cve | An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform, which can lead to denial of service by terminating critical containers. An att... |
| N/A | 2025-03-20 | CVE-2024-9365 | cve | A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to perform unauthorized actions in the context of the victim's browser. This ... |
| N/A | 2025-03-20 | CVE-2024-9415 | cve | A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus/superagi version 0.0.14. This vulnerability allows an attacker to upload an arbitrar... |
| N/A | 2025-03-20 | CVE-2024-9418 | cve | In version 0.0.14 of transformeroptimus/superagi, the API endpoint `/api/users/get/{id}` returns the user's password in plaintext. This vulnerability allows an attacker to ... |
| N/A | 2025-03-20 | CVE-2024-9431 | cve | In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system, users can change the passwords of othe... |
| N/A | 2025-03-20 | CVE-2024-9437 | cve | SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters,... |
| N/A | 2025-03-20 | CVE-2024-9439 | cve | SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update` API allows attackers to control certain parameters, which are then fed to the ... |
| N/A | 2025-03-20 | CVE-2024-9447 | cve | An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. The `/get/organisation/` endpoint does not verify the user's organizati... |
| N/A | 2025-03-20 | CVE-2024-9597 | cve | A Path Traversal vulnerability exists in the `/wipe_database` endpoint of parisneo/lollms version v12, allowing an attacker to delete any directory on the system. The vulnerabil... |
| N/A | 2025-03-20 | CVE-2024-9606 | cve | In berriai/litellm before version 1.44.12, the `litellm/litellm_core_utils/litellm_logging.py` file contains a vulnerability where the API key masking code only masks the first ... |
| N/A | 2025-03-20 | CVE-2024-9612 | cve | In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. When the search page is set to be invisible, regular... |
| N/A | 2025-03-20 | CVE-2024-9617 | cve | An IDOR vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to view any files. The application does not verify whether the attacker is the creator of the file, allowi... |
| N/A | 2025-03-20 | CVE-2024-9699 | cve | A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest) allows an attacker to upload a file with a JavaScript payload disguised as a f... |
| N/A | 2025-03-20 | CVE-2024-9701 | cve | A Remote Code Execution (RCE) vulnerability has been identified in the Kedro ShelveStore class (version 0.19.8). This vulnerability allows an attacker to execute arbitrary Pytho... |
| N/A | 2025-03-20 | CVE-2024-9840 | cve | A Denial of Service (DoS) vulnerability exists in open-webui/open-webui version 0.3.21. This vulnerability affects multiple endpoints, including `/ollama/models/upload`, `/audio... |
| Page(s) : 1 ... 76 77 78 79 80 81 82 83 84 85 [86] 87 88 89 90 91 92 93 94 95 96 ... | Result(s) : 312940 |
