| Page(s) : 1 ... 78 79 80 81 82 83 84 85 86 87 [88] 89 90 91 92 93 94 95 96 97 98 ... | Result(s) : 312940 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-20 | CVE-2025-0317 | cve | A vulnerability in ollama/ollama versions |
| N/A | 2025-03-20 | CVE-2025-0330 | cve | In berriai/litellm version v1.52.1, an issue in proxy_server.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability expo... |
| N/A | 2025-03-20 | CVE-2025-0452 | cve | eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems via the '/v1/agent/hub/update' endpoint. The application fails to proper... |
| N/A | 2025-03-20 | CVE-2025-0453 | cve | In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all... |
| N/A | 2025-03-20 | CVE-2025-0454 | cve | A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due ... |
| N/A | 2025-03-20 | CVE-2025-0508 | cve | A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows bei... |
| N/A | 2025-03-20 | CVE-2025-0628 | cve | An improper authorization vulnerability exists in the main-latest version of BerriAI/litellm. When a user with the role 'internal_user_viewer' logs into the applicatio... |
| N/A | 2025-03-20 | CVE-2025-0655 | cve | A vulnerability in man-group/dtale versions 3.15.1 allows an attacker to override global state settings to enable the `enable_custom_filters` feature, which is typically restric... |
| N/A | 2025-03-20 | CVE-2025-1040 | cve | AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the im... |
| 7.5 | 2025-03-20 | CVE-2025-1451 | cve | A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart boundaries in file uploads. The server does not limit or validate the length of ... |
| N/A | 2025-03-20 | CVE-2025-1473 | cve | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow versions 2.17.0 to 2.20.1. This vulnerability allows an attacker to create a new ... |
| 5.5 | 2025-03-20 | CVE-2025-1474 | cve | In mlflow/mlflow version 2.18, an admin is able to create a new user account without setting a password. This vulnerability could lead to security risks, as accounts without pas... |
| N/A | 2025-03-20 | CVE-2025-1796 | cve | A vulnerability in langgenius/dify v0.10.1 allows an attacker to take over any account, including administrator accounts, by exploiting a weak pseudo-random number generator (PR... |
| N/A | 2025-03-20 | CVE-2025-30259 | cve | The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to mess... |
| N/A | 2025-03-19 | CVE-2025-1628 | cve | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| N/A | 2025-03-19 | CVE-2025-27705 | cve | There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.53. Attackers with system administrator p... |
| N/A | 2025-03-19 | CVE-2025-30258 | cve | In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses th... |
| 6.1 | 2025-03-19 | CVE-2024-55009 | cve | A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript... |
| N/A | 2025-03-19 | CVE-2025-26816 | cve | A vulnerability in Intrexx Portal Server 12.0.2 and earlier which was classified as problematic potentially allows users with particular permissions under certain conditions to ... |
| N/A | 2025-03-19 | CVE-2025-27774 | cve | Applio is a voice conversion tool. Versions 3.2.7 and prior are vulnerable to server-side request forgery (SSRF) and file write in `model_download.py` (line 156 in 3.2.7). The b... |
| Page(s) : 1 ... 78 79 80 81 82 83 84 85 86 87 [88] 89 90 91 92 93 94 95 96 97 98 ... | Result(s) : 312940 |
