AnythingLLM 参数注入漏洞

AnythingLLM is an integrated AI application open source by Mintplex. Versions of AnythingLLM prior to 1.13.0 had a parameter injection vulnerability. This vulnerability stemmed from the filesystem-search-files proxy skill directly passing mode parameters controlled by the LLM as position paramete...

OpenClaw 操作系统命令注入漏洞

OpenClaw is openclaw open source an intelligent artificial assistant. OpenClaw there is an operating system command injection vulnerability , the vulnerability stems from the Docker sandbox execution mechanism when constructing shell commands on the PATH environment variable handling insecurity ,...

CVE-2022-41835

In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.5.0, excessive file permissions in F5OS allows an authenticated local attacker to execute limited set of commands in a container and impact the F5OS controller...

PT-2022-26089 · F5 · F5Os-A +1

Name of the Vulnerable Software and Affected Versions: F5OS-A versions 1.x before 1.1.0 F5OS-C versions 1.x before 1.5.0 Description: The issue is related to excessive file permissions in F5OS, allowing an authenticated local attacker to execute a limited set of commands in a container and impact...

F5 F5OS-A 安全漏洞

F5 F5OS-A is an operating system software from F5 Corporation in the United States. A security vulnerability exists in F5 F5OS-A version 1.x prior to 1.1.0 and F5OS-C version 1.x prior to 1.5.0, which stems from its excessive file permissions that allow an authenticated, local attacker to execute...