Stable Diffusion Webui 1.10.0 - Open Redirect

An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-11044...

EUVD-2024-29860

Malicious code in bioql PyPI...

EUVD-2025-7011

Malicious code in bioql PyPI...

EUVD-2025-7001

Malicious code in bioql PyPI...

EUVD-2024-29862

Malicious code in bioql PyPI...

EUVD-2024-29865

Malicious code in bioql PyPI...

EUVD-2025-7024

Malicious code in bioql PyPI...

EUVD-2025-7060

Malicious code in bioql PyPI...

EUVD-2024-29864

Malicious code in bioql PyPI...

EUVD-2025-16160

Malicious code in bioql PyPI...

EUVD-2024-29344

Malicious code in bioql PyPI...

CVE-2024-32024

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass is vulnerable to a path injection in the commongui.py addprepostfix function. This vulnerability is fixed in 23.1.5...

CVE-2024-32023

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass is vulnerable to a path injection in the commongui.py findandreplace function. This vulnerability is fixed in 23.1.5...

CVE-2024-31462

stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file write affecting Windows systems. The createui method Backup/Restore tab in modules/uiextensions.py takes user input into the configsavenam...

CVE-2025-45468

Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges and compromise the customer cloud account...

CVE-2025-45468

Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges and compromise the customer cloud account...

PT-2025-22503 · Unknown · Fc-Stable-Diffusion-Plus

Name of the Vulnerable Software and Affected Versions: fc-stable-diffusion-plus version 1.0.18 Description: The issue is related to insecure permissions, which can allow attackers to escalate privileges and compromise the customer cloud account. Recommendations: For fc-stable-diffusion-plus versi...

CVE-2025-45468

CVE-2025-45468 affects fc-stable-diffusion-plus v1.0.18, caused by insecure permissions that enable privilege escalation and potential compromise of the customer cloud account. CVSS 3.1 base score 8.8 (HIGH) with network attack vector, low attack complexity, and privileges required: LOW. Exploita...

fc-stable-diffusion 安全漏洞

fc-stable-diffusion is an open source tool from Serverless Devs Registry for deploying stable-diffusion to AliCloud Functional Computing. A security vulnerability exists in fc-stable-diffusion v1.0.18, which stems from improper privileges and could lead to elevated privileges and customer cloud...

CVE-2024-12374

A stored cross-site scripting XSS vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...