Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 11:43 a.m.16 views

CVE-2024-7340

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin...

8.8CVSS7AI score0.04974EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/11/11 10:11 a.m.13 views

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning ML related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published...

8.8CVSS10AI score0.14956EPSS
Exploits3
Circl
Circl
added 2024/07/31 5:40 p.m.6 views

CVE-2024-7340

creationtimestamp| type| source ---|---|--- 2024-07-31 17:40:20+00:00| seen| https://t.me/cvedetector/2146 2024-09-17 09:09:01+00:00| published-proof-of-concept| https://t.me/G18Division/34 2024-09-17 20:40:45+00:00| published-proof-of-concept| https://t.me/whoisAlixan/2908 2024-10-15...

8.8CVSS9AI score0.04974EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/07/31 3:0 p.m.19 views

CVE-2024-7340 W&B Weave server remote arbitrary file leak and privilege escalation

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin...

8.8CVSS7AI score0.04974EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/31 3:0 p.m.290 views

CVE-2024-7340 W&B Weave server remote arbitrary file leak and privilege escalation

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin...

8.8CVSS0.04974EPSS
Exploits0References2
Rows per page
Query Builder