Lucene search
K

78 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:0 a.m.7 views

CVE-2024-32027

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass v22.6.1 is vulnerable to command injection in finetunegui.py This vulnerability is fixed in 23.1.5...

9.8CVSS7.3AI score0.03029EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/16 2:46 p.m.16 views

CVE-2024-32027 Kohya_ss is vulnerable to a command injection in `finetune_gui.py` (`GHSL-2024-022`)

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass v22.6.1 is vulnerable to command injection in finetunegui.py This vulnerability is fixed in 23.1.5...

9.1CVSS9.6AI score0.03029EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/04/16 2:46 p.m.12 views

CVE-2024-32027 Kohya_ss is vulnerable to a command injection in `finetune_gui.py` (`GHSL-2024-022`)

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass v22.6.1 is vulnerable to command injection in finetunegui.py This vulnerability is fixed in 23.1.5...

9.1CVSS7.3AI score0.03029EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/04/16 2:44 p.m.10 views

CVE-2024-32025 Kohya_ss is vulnerable to a command injection in `group_images_gui.py` (`GHSL-2024-021`)

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass is vulnerable to a command injection in groupimagesgui.py. This vulnerability is fixed in 23.1.5...

9.1CVSS7.5AI score0.02494EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/04/16 2:42 p.m.24 views

CVE-2024-32024 Kohya_ss vulenrable to path injection in `common_gui.py` `add_pre_postfix` function (`GHSL-2024-023`)

Kohyass is a GUI for Kohya's Stable Diffusion trainers. Kohyass is vulnerable to a path injection in the commongui.py addprepostfix function. This vulnerability is fixed in 23.1.5...

6.5CVSS6.7AI score0.00666EPSS
Exploits1References3
NVD
NVD
added 2024/04/12 10:15 p.m.50 views

CVE-2024-31462

stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file write affecting Windows systems. The createui method Backup/Restore tab in modules/uiextensions.py takes user input into the configsavenam...

6.3CVSS6.3AI score0.0068EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/04/12 9:41 p.m.37 views

CVE-2024-31462 Limited file write in Stable-diffusion-webui - GHSL-2024-010

stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file write affecting Windows systems. The createui method Backup/Restore tab in modules/uiextensions.py takes user input into the configsavenam...

6.3CVSS6.5AI score0.0068EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/04/12 9:41 p.m.21 views

CVE-2024-31462 Limited file write in Stable-diffusion-webui - GHSL-2024-010

stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file write affecting Windows systems. The createui method Backup/Restore tab in modules/uiextensions.py takes user input into the configsavenam...

6.3CVSS6.9AI score0.0068EPSS
Exploits0References10
CVE
CVE
added 2024/04/12 9:41 p.m.79 views

CVE-2024-31462

The CVE-2024-31462 entry concerns stable-diffusion-webui (v1.7.0) with a limited file write vulnerability. The root cause is in the create_ui function (Backup/Restore tab) within modules/ui_extensions.py, where user input is captured into config_save_name and later used to form a file path that i...

6.3CVSS6.8AI score0.0068EPSS
Exploits0References10
OSV
OSV
added 2024/04/12 9:41 p.m.26 views

CVE-2024-31462 Limited file write in Stable-diffusion-webui - GHSL-2024-010

stable-diffusion-webui is a web interface for Stable Diffusion, implemented using Gradio library. Stable-diffusion-webui 1.7.0 is vulnerable to a limited file write affecting Windows systems. The createui method Backup/Restore tab in modules/uiextensions.py takes user input into the configsavenam...

6.3CVSS6.8AI score0.0068EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.7 views

PT-2024-24093 · Unknown · Stable-Diffusion-Webui

Name of the Vulnerable Software and Affected Versions: stable-diffusion-webui version 1.7.0 Description: The issue is related to a limited file write affecting Windows systems. It occurs in the create ui method Backup/Restore tab in modules/ui extensions.py, where user input is taken into the...

6.3CVSS6.9AI score0.0068EPSS
Exploits0References14
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.5 views

Stable Diffusion web UI 安全漏洞

Stable Diffusion web UI is a web interface by the individual developer of AUTOMATIC1111. A security vulnerability exists in Stable Diffusion web UI version 1.7.0, which stems from the presence of a file write vulnerability. An attacker can exploit the vulnerability to write a json file anywhere t...

6.3CVSS6.7AI score0.0068EPSS
Exploits0References10
CNVD
CNVD
added 2023/10/26 12:0 a.m.74 views

Stable Diffusion WebUI Remote Command Execution Vulnerability

Stable Diffusion WebUI is an AI image processing tool developed by AUTOMATIC1111 based on the Stable Diffusion AI model, which supports file creation and image creation. A remote command execution vulnerability in Stable Diffusion WebUI, which is caused by not filtering user input when installing...

8.1AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/10/22 10:15 p.m.5 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.5CVSS5.8AI score0.00572EPSS
Exploits0References3
NVD
NVD
added 2023/10/22 10:15 p.m.22 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.5CVSS7.6AI score0.00572EPSS
Exploits0References2
Prion
Prion
added 2023/10/22 10:15 p.m.17 views

Authentication flaw

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

5CVSS7.6AI score0.00572EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/22 12:0 a.m.9 views

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

7.1AI score0.00572EPSS
Exploits0References2
CVE
CVE
added 2023/10/22 12:0 a.m.48 views

CVE-2023-46315

The CVE-2023-46315 issue affects the sd-webui-infinite-image-browsing extension for stable-diffusion-webui up to version 977815a. If Gradio authentication is enabled without a secret key, an unauthenticated remote attacker can read local files via the /file?path= endpoint, with demonstrations inc...

7.5CVSS7.5AI score0.00572EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder