Lucene search

11 matches found

RedhatCVE
added 2025/03/22 12:52 p.m. | 5 views

CVE-2024-11822

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allowing an attacker to make direct requests to internal network services. This can lead to unauthorized access to internal...

7.5 CVSS | 6.9 AI score | 0.0029 EPSS
Exploits: 1 | References: 1
NVD
added 2025/03/20 10:15 a.m. | 5 views

CVE-2024-11822

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allowing an attacker to make direct requests to internal network services. This can lead to unauthorized access to internal...

7.5 CVSS | 0.0029 EPSS
Exploits: 1 | References: 1
Cvelist
added 2025/03/20 10:9 a.m. | 6 views

CVE-2024-11822 Server-Side Request Forgery (SSRF) in langgenius/dify

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allowing an attacker to make direct requests to internal network services. This can lead to unauthorized access to internal...

6.5 CVSS | 0.0029 EPSS
Exploits: 1 | References: 1
Vulnrichment
added 2025/03/20 10:9 a.m. | 13 views

CVE-2024-11822 Server-Side Request Forgery (SSRF) in langgenius/dify

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The vulnerability exists due to improper handling of the api_endpoint parameter, allowing an attacker to make direct requests to internal network services. This can lead to unauthorized access to internal...

6.5 CVSS | 6.5 AI score | 0.0029 EPSS
Exploits: 1 | References: 1
CVE
added 2025/03/20 10:9 a.m. | 42 views

CVE-2024-11822

The CVE-2024-11822 issue affects langgenius/dify version 0.9.1 and is caused by improper handling of the api_endpoint parameter, enabling Server-Side Request Forgery (SSRF). The vulnerability allows an attacker to make direct requests from the server to internal network services, potentially expo...

7.5 CVSS | 6.5 AI score | 0.0029 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2020/04/27 2:24 p.m. | 12 views

CVE-2020-11822

In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the application structure -- user access groups page. Thus, an attacker can inject malicious script to steal all users' valuable data...

6 AI score | 0.00288 EPSS
Exploits: 1 | References: 1
CVE
added 2019/06/30 3:0 p.m. | 79 views

CVE-2019-11822

Synology Photo Station contains a relative path traversal in SYNO.PhotoStation.File that lets remote attackers upload arbitrary files via the uploadphoto parameter. Affected versions are Synology Photo Station prior to 6.8.11-3489 and prior to 6.3-2977. The root cause is a path traversal vulnerab...

6.5 CVSS | 6.6 AI score | 0.00194 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2018/10/26 1:0 p.m. | 45 views

CVE-2018-11822

CVE-2018-11822 affects Qualcomm Snapdragon Mobile WLAN HOST. A possible integer overflow during memory allocation in the WLAN stack could impact devices with SD 835, SD 845, SD 850, and SDA660. Severity in the Qualcomm bulletin is listed as High for WLAN HOST; exploitation status is not provided ...

7.8 CVSS | 7.8 AI score | 0.00038 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Tenable Nessus
added 2017/11/30 12:0 a.m. | 59 views

Security Updates for Internet Explorer (October 2017)

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a...

7.6 CVSS | 7.5 AI score | 0.62692 EPSS
Exploits: 19 | References: 9
Prion
added 2017/10/13 1:29 p.m. | 16 views

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, and Windows Server 2012 R2 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memo...

7.6 CVSS | 7.7 AI score | 0.20533 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2017/10/13 1:0 p.m. | 20 views

CVE-2017-11822

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how...

8.7 AI score | 0.20533 EPSS
Exploits: 0 | References: 3