Lucene search
K

15 matches found

CVE
CVE
added 2025/07/02 3:38 p.m.19 views

CVE-2025-53358

Summary (CVE-2025-53358) : Kotaemon, an open‑source RAG-based document tool, is affected in versions up to 0.10.6. The function index_fn in libs/ktem/ktem/index/file/ui.py accepts both URLs and local file paths without validation, causing the pipeline to stream and store these paths. This enables...

6.5CVSS6.4AI score0.0038EPSS
Exploits0References3
OSV
OSV
added 2025/07/02 3:38 p.m.5 views

CVE-2025-53358 kotaemon Vulnerable to Path Traversal via Link Upload

kotaemon is an open-source RAG-based tool for document comprehension. From versions 0.10.6 and prior, in libs/ktem/ktem/index/file/ui.py, the indexfn method accepts both URLs and local file paths without validation. The pipeline streams these paths directly and stores them, enabling attackers to...

6.5CVSS6.5AI score0.0038EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service application crash...

5CVSS6.8AI score0.02433EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/23 12:0 a.m.18 views

Debian: Security Advisory (DLA-3056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.0151EPSS
Exploits0References3
OSV
OSV
added 2021/07/16 6:15 p.m.2 views

ALPINE-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.3AI score0.03621EPSS
Exploits1References1
OSV
OSV
added 2021/07/16 6:15 p.m.1 views

DEBIAN-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS8.3AI score0.03621EPSS
Exploits1References1
OSV
OSV
added 2021/07/16 6:15 p.m.2 views

UBUNTU-CVE-2021-32749

fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command mail from mailutils package...

8.1CVSS7.8AI score0.03621EPSS
Exploits1References8
OSV
OSV
added 2010/06/15 2:4 p.m.2 views

DEBIAN-CVE-2010-2286

The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

3.3CVSS6.8AI score0.01119EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2009/07/29 12:0 a.m.39 views

Fedora Core 11 FEDORA-2009-6972 (poppler)

The remote host is missing an update to poppler announced via advisory FEDORA-2009-6972. OpenVAS Vulnerability Test $Id: fcore20096972.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-6972 poppler Authors: Thomas Reinke Copyright: Copyright c 2009...

7.5CVSS0.5AI score0.07347EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2009/07/17 12:0 a.m.44 views

Fedora 11 : poppler-0.10.7-2.fc11 (2009-6972)

An update to the latest stable upstream release fixing many bugs, as well as addressing several security issues. Release announcement, http://lists.freedesktop.org/archives/poppler/2009-May/004721.html Note that Tenable Network Security has extracted the preceding description block directly from...

7.5CVSS5.2AI score0.07347EPSS
Exploits1References15
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.21 views

CVE-2005-0704

Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code...

7.5CVSS6.2AI score0.037EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/03/17 12:0 a.m.2 views

PT-2005-1745 · Ethereal +1 · Ethereal +1

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.7 through 0.10.9 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash, when the "ignore cipher bit" option is enabled in the GPRS-LLC dissector. Recommendations:...

7.5CVSS6.2AI score0.07606EPSS
Exploits1References17
RedHat Linux
RedHat Linux
added 2005/02/02 12:7 p.m.7 views

security flaw

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service application crash...

5CVSS5.9AI score0.02433EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2004/12/31 12:0 a.m.3 views

PT-2004-2106 · Ethereal +1 · Ethereal +1

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.1 through 0.10.7 Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is achieved by sending a certain packet that causes the HTTP dissector to access...

7.5CVSS6.4AI score0.06308EPSS
Exploits0References24
Positive Technologies
Positive Technologies
added 2004/12/15 12:0 a.m.3 views

PT-2004-2104 · Ethereal +1 · Ethereal +1

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.10.4 through 0.10.7 Description: The issue is related to an unknown vulnerability in the DICOM dissector, which allows remote attackers to cause a denial of service, resulting in an application crash. Recommendations: For...

7.5CVSS6.3AI score0.06308EPSS
Exploits0References24
Rows per page
Query Builder