Lucene search
+L

27 matches found

Snyk
Snyk
added 2025/03/20 12:32 p.m.3 views

SQL Injection

Overview dbgpt is a DB-GPT is an experimental open-source project that uses localized GPT large models to interact with your data and environment. With this solution, you can beassured that there is no risk of data leakage, and your data is 100% private and secure. Affected versions of this packa...

9.8CVSS7.9AI score0.00994EPSS
Exploits1References2
OSV
OSV
added 2024/04/10 5:15 p.m.3 views

CVE-2024-2195

A critical Remote Code Execution RCE vulnerability was identified in the aimhubio/aim project, specifically within the /api/runs/search/run/ endpoint, affecting versions = 3.0.0. The vulnerability resides in the runsearchapi function of the aim/web/api/runs/views.py file, where improper restricti...

9.8CVSS6.3AI score0.018EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/29 12:0 a.m.9 views

PT-2024-2072 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to v8.1.9 Description: The issue is related to a lack of proper authorization in requests fetching team-associated AD/LDAP groups, allowing a user to fetch details of AD/LDAP groups of a team they are not a member of...

6.5CVSS7.5AI score0.00389EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/12/21 12:0 a.m.6 views

PT-2023-30137 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 3.7.0 through 3.17.18 GitHub Enterprise Server versions 3.8.0 through 3.8.11 GitHub Enterprise Server versions 3.9.0 through 3.9.6 GitHub Enterprise Server versions 3.10.0 through 3.10.3 Description: The issu...

5.3CVSS7.1AI score0.0054EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/12/12 12:0 a.m.4 views

PT-2023-8221 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions prior to the fixed version Description: The issue is related to a lack of validation for relative paths in the /plugins/playbooks/api/v0/telemetry/run/ endpoint, allowing an attacker to use a path traversal payload to poin...

10CVSS8.5AI score0.00309EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.4 views

SUSE CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code v...

7.1CVSS7.8AI score0.05375EPSS
Exploits0References4
OSV
OSV
added 2013/03/20 4:55 p.m.1 views

DEBIAN-CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code v...

7.1CVSS7.8AI score0.05375EPSS
Exploits0References1
Rows per page
Query Builder