EUVD-2024-2805

Malicious code in bioql PyPI...

EUVD-2024-2790

Malicious code in bioql PyPI...

CVE-2024-47170

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47169

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those...

GHSA-G54F-66MW-HV66 Agnai vulnerable to Relative Path Traversal in Image Upload

Summary A vulnerability has been discovered in Agnai that permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for...

Agnai vulnerable to Relative Path Traversal in Image Upload

Summary A vulnerability has been discovered in Agnai that permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended directories, including overwriting of existing images which may be used for...

CVE-2024-47170

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47169

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those...

CVE-2024-47171

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

Agnai File Disclosure Vulnerability: JSON via Path Traversal

CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html CVSSv3.1 4.3 - Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Summary A vulnerability has been discovered in Agnai that permits attackers to read arbitrary JS...

GHSA-H355-HM5H-CM8H Agnai File Disclosure Vulnerability: JSON via Path Traversal

CWE-35: Path Traversal https://cwe.mitre.org/data/definitions/35.html CVSSv3.1 4.3 - Medium CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Summary A vulnerability has been discovered in Agnai that permits attackers to read arbitrary JS...

GHSA-MPCH-89GM-HM83 Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal

Summary A vulnerability has been discovered in Agnai that permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those files. This issue could result in unauthorized access, full server compromise, da...

Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal

Summary A vulnerability has been discovered in Agnai that permits attackers to upload arbitrary files to attacker-chosen locations on the server, including JavaScript, enabling the execution of commands within those files. This issue could result in unauthorized access, full server compromise, da...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47171

Summary : CVE-2024-47171 affects Agnai (multi-user/multi-bot chat system). Versions prior to 1.0.330 are vulnerable to an image-upload flaw where attackers can place files at attacker-chosen server locations, potentially overwriting existing images or placing files in unintended directories. The ...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

CVE-2024-47170

Agnai before 1.0.330 is affected by a path traversal vulnerability that allows an attacker to read arbitrary JSON files on the server when JSON_STORAGE is enabled. The issue arises from reading files without proper validation in the JSON handling path, exposing sensitive configuration data. Versi...

CVE-2024-47170 Agnai File Disclosure Vulnerability: JSON via Path Traversal

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...

CVE-2024-47170 Agnai File Disclosure Vulnerability: JSON via Path Traversal

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to read arbitrary JSON files at attacker-chosen locations on the server. This issue can lead to unauthorized access to sensitive information an...