7762 matches found
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-integration-test-base (>=0.9.0 <=0.9.3) +3 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-broker (>=0.1.0 <=0.9.3)
org.apache.pinot:pinot-broker MAVEN version =0.1.0, =0.1.0, =0.9.0, =0.1.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...
A vulnerability in GitLab Enterprise Edition, the Git-based platform for collaborative code development, related to unrestricted resource allocation, allows an attacker to cause a denial of service.
A vulnerability in GitLab Enterprise Edition, the Git-based platform for collaborative code development, is related to unrestricted resource allocation. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
A vulnerability in GitLab, the Git-based platform for collaborative code development, related to unrestricted resource allocation, allows an attacker to cause a denial of service.
A vulnerability in GitLab, the Git-based platform for collaborative code development, is related to unrestricted resource allocation. Exploiting this vulnerability can allow a remote malicious actor to cause service failures...
Exploit for CVE-2024-25600
CVE-2024-25600 Exploit - WordPress Bricks Builder Remote Code...
A vulnerability in the sqlg_hash_source component of the Virtuoso-OpenSource web application development platform allows an attacker to cause a denial of service.
A vulnerability in the sqlg_hash_source component of the Virtuoso-OpenSource web application development platform is related to allocation of resources without limits or throttling. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending...
A vulnerability in GitLab, the Git-based platform for collaborative code development, related to unrestricted resource allocation, allows an attacker to cause a denial of service.
A vulnerability in GitLab, the Git-based platform for collaborative code development, is related to unrestricted resource allocation. Exploiting this vulnerability allows a malicious actor to remotely cause service failures by uploading a specially crafted malicious file...
CVE-2025-0811
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting...
CVE-2024-9773
An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starting from 17.10 before 17.10.1. An input validation issue in the Harbor registry integration could have allowed a maintainer to add malicio...
GPT Academic Open Redirect Vulnerability
GPT Academic is an interface that provides practical interactions for large language models (LLMs) such as GPT/GLM. GPT Academic suffers from an open redirect vulnerability that arises when a user is redirected to a URL specified by the user-controlled file parameter without proper validation o...
[SECURITY] [DSA 5887-1] exim4 security update
Debian Security Advisory DSA-5887-1, https://www.debian.org/security/, Salvatore Bonaccorso, March 26, 2025, https://www.debian.org/security/faq ...
CVE-2025-30204 vulnerabilities
Vulnerabilities for packages: openfga, argocd-image-updater, fluent-bit-plugin-loki, kargo, opentelemetry-operator, fulcio, flux-kustomize-controller, step-kms-plugin, wal-g, thanos, falcosidekick, aactl, prometheus, ko, grafana-mimir, crossplane-provider-azure,...
CVE-2024-12760
An open redirect vulnerability in bentoml/bentoml v1.3.9 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft...
CVE-2024-10908
An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft...
CVE-2024-10812
An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the 'file' parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing...
CVE-2024-9308
An open redirect vulnerability in haotian-liu/llava version v1.2.0 LLaVA-1.6 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft...
CVE-2024-8029
An XSS vulnerability was discovered in the upload files process of imartinez/privategpt v0.5.0. Attackers can upload malicious SVG files, which execute JavaScript when victims click on the file link. This can lead to user data theft, session hijacking, malware distribution, and phishing attacks...
[SECURITY] [DSA 5882-1] chromium security update
Debian Security Advisory DSA-5882-1, https://www.debian.org/security/, Andres Salomon, March 20, 2025, https://www.debian.org/security/faq ...
Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload
A stored cross-site scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An attacker can inject malicious content into a file, which, when accessed by a victim through a URL or shared chat, executes JavaScript in the victim's browser. Th...
GHSA-J274-M559-CJ4J Open WebUI Vulnerable to Cross-Site Scripting (XSS) via Chat File Upload
A stored cross-site scripting (XSS) vulnerability exists in the chat file upload functionality of open-webui/open-webui version 0.3.8. An attacker can inject malicious content into a file, which, when accessed by a victim through a URL or shared chat, executes JavaScript in the victim's browser. Th...
BentoML Open Redirect vulnerability
An open redirect vulnerability in bentoml/bentoml v1.3.9 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited for phishing attacks, malware distribution, and credential theft...