5217 matches found

Vulnrichment
added 2025/03/20 10:09 a.m. · 6 views

CVE-2024-10901 Arbitrary File Write via DuckDB SQL Injection in eosphoros-ai/db-gpt

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim's file...

CVSS 9.1 · AI score 9.7 · EPSS 0.00994
Exploits 1 · References 1
CVE
added 2025/03/20 10:09 a.m. · 51 views

CVE-2024-10901

CVE-2024-10901 affects eosphoros-ai/db-gpt. In v0.6.0 (and earlier per OSV entry), the web API POST /api/v1/editor/chart/run allows executing arbitrary SQL without access controls, enabling Arbitrary File Write and potentially Remote Code Execution by writing files such as `__init__.py` into Python’s ...

CVSS 9.8 · AI score 9.7 · EPSS 0.00994
Exploits 1 · References 1 · Affected Software 1
Vulnrichment
added 2025/03/20 10:09 a.m. · 5 views

CVE-2024-10835 Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

CVSS 9.1 · AI score 9.8 · EPSS 0.01083
Exploits 2 · References 1
Cvelist
added 2025/03/20 10:09 a.m. · 8 views

CVE-2024-10835 Arbitrary File Write via SQL Injection in eosphoros-ai/db-gpt

In eosphoros-ai/db-gpt version v0.6.0, the web API POST /api/v1/editor/sql/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the...

CVSS 9.1 · EPSS 0.01083
Exploits 2 · References 1
Cvelist
added 2025/03/20 10:09 a.m. · 7 views

CVE-2024-12216 Arbitrary File Write via TarSlip in dmlc/gluon-cv

A vulnerability in the ImageClassificationDataset.from_csv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...

CVSS 7.1 · EPSS 0.00293
Exploits 0 · References 1
Vulnrichment
added 2025/03/20 10:09 a.m. · 4 views

CVE-2024-12216 Arbitrary File Write via TarSlip in dmlc/gluon-cv

A vulnerability in the ImageClassificationDataset.from_csv API of the dmlc/gluon-cv repository, version 0.10.0, allows for arbitrary file write. The function downloads and extracts tar.gz files from URLs without proper sanitization, making it susceptible to a TarSlip vulnerability. Attackers can...

CVSS 7.1 · AI score 7 · EPSS 0.00293
Exploits 0 · References 1
CVE
added 2025/03/20 10:09 a.m. · 45 views

CVE-2024-12216

The CVE-2024-12216 issue affects dmlc/gluon-cv 0.10.0, specifically ImageClassificationDataset.from_csv(). The vulnerability arises because tar.gz files downloaded from URLs are extracted without proper sanitization, enabling TarSlip via path traversal or faked symlinks to overwrite arbitrary fil...

CVSS 7.1 · AI score 7 · EPSS 0.00293
Exploits 0 · References 1
Vulnrichment
added 2025/03/20 10:09 a.m. · 4 views

CVE-2024-10572 Denial of Service and Arbitrary File Write in h2oai/h2o-3

In h2oai/h2o-3 version 3.46.0.1, the runtool command exposes classes in the water.tools package through the ast parser. This includes the XGBoostLibExtractTool class, which can be exploited to shut down the server and write large files to arbitrary directories, leading to a denial of service...

CVSS 7.5 · AI score 7.7 · EPSS 0.00636
Exploits 1 · References 1
Cvelist
added 2025/03/20 10:09 a.m. · 9 views

CVE-2024-10831 Arbitrary File Write through Absolute Path Traversal in eosphoros-ai/db-gpt

In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the filekey and docfile.filename parameters are...

CVSS 9.1 · EPSS 0.00769
Exploits 1 · References 1
Vulnrichment
added 2025/03/20 10:08 a.m. · 5 views

CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

CVSS 9.1 · AI score 9.4 · EPSS 0.01019
Exploits 1 · References 2
Cvelist
added 2025/03/20 10:08 a.m. · 9 views

CVE-2024-8019 Arbitrary File Write/Overwrite in lightning-ai/pytorch-lightning

In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the LightningApp when running on a Windows host. The vulnerability occurs at the /api/v1/uploadfile/ endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to...

CVSS 9.1 · EPSS 0.01019
Exploits 1 · References 2
Positive Technologies
added 2025/03/20 12:00 a.m. · 5 views

PT-2025-12173 · Unknown · Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: An arbitrary file write vulnerability exists in the download model endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file...

CVSS 7.2 · AI score 7.1 · EPSS 0.01125
Exploits 1 · References 7
CNNVD
added 2025/03/20 12:00 a.m. · 4 views

DB-GPT Security Vulnerability

DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A security vulnerability exists in DB-GPT version 0.6.0, which stems from an arbitrary file write vulnerability in the RAG-knowledge endpoint, which allows an attacker to write a file to ...

CVSS 9.1 · AI score 9.1 · EPSS 0.00593
Exploits 1 · References 1
CNNVD
added 2025/03/20 12:00 a.m. · 2 views

DB-GPT Path Traversal Vulnerability

DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A path traversal vulnerability exists in DB-GPT version 0.6.0, which stems from an arbitrary file write vulnerability in the knowledge API that allows an attacker to write a file to an...

CVSS 9.1 · AI score 9.1 · EPSS 0.00769
Exploits 1 · References 1
NVD
added 2025/03/19 9:15 p.m. · 12 views

CVE-2025-27783

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in train.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of tim...

CVSS 9.8 · EPSS 0.00995
Exploits 0 · References 4
NVD
added 2025/03/19 9:15 p.m. · 14 views

CVE-2025-27782

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of...

CVSS 9.8 · EPSS 0.013
Exploits 1 · References 5
CVE
added 2025/03/19 8:41 p.m. · 83 views

CVE-2025-27782

The CVE-2025-27782 entry concerns Applio, a voice-conversion tool. Affected are versions 3.2.8-bugfix and earlier, where the vulnerability exists in inference.py allowing arbitrary file write on the server. This can be combined with unsafe deserialization to achieve remote code execution. As of p...

CVSS 9.8 · AI score 7.6 · EPSS 0.013
Exploits 1 · References 5 · Affected Software 1
Vulnrichment
added 2025/03/19 8:41 p.m. · 5 views

CVE-2025-27782 Applio allows arbitrary file write in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of...

CVSS 8.7 · AI score 7.5 · EPSS 0.013
Exploits 1 · References 5
OSV
added 2025/03/19 8:41 p.m. · 5 views

CVE-2025-27782 Applio allows arbitrary file write in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of...

CVSS 8.7 · AI score 8.1 · EPSS 0.013
Exploits 1 · References 7
Cvelist
added 2025/03/19 8:41 p.m. · 32 views

CVE-2025-27783 Applio allows arbitrary file write in train.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in train.py. This issue may lead to writing arbitrary files on the Applio server. It can also be used in conjunction with an unsafe deserialization to achieve remote code execution. As of tim...

CVSS 8.7 · EPSS 0.00995
Exploits 0 · References 4