149 matches found
Open WebUI denial of service through endpoint for converting markdown
In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...
GHSA-GJ27-76GQ-5V3P Open WebUI stored cross-site scripting (XSS) vulnerability
A stored cross-site scripting XSS vulnerability exists in open-webui/open-webui version 0.3.8. The vulnerability is present in the /api/v1/models/add endpoint, where the model description field is improperly sanitized before being rendered in chat. This allows an attacker to inject malicious...
CVE-2024-53388
A DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element...
CVE-2024-5827
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...
WordPress plugin JustRows free 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin iBuildApp 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PYSEC-2025-58
vLLM is a library for LLM inference and serving. vllm/modelexecutor/weightutils.py implements hfmodelweightsiterator to load the model checkpoint, which is downloaded from huggingface. It uses the torch.load function and the weightsonly parameter defaults to False. When torch.load loads malicious...
WordPress plugin Flexible Blogtitle 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-39025
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
WordPress plugin Amazon Associate Filter 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2024-10311
The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. This is due to a missing capability check in the 'edbaadminhandle' function. This makes it possible for authenticated attackers, with subscriber-level permissions...
PT-2024-35215 · Labs64 · Digipass
Name of the Vulnerable Software and Affected Versions: DigiPass versions 0.3.0 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows Absolute Path Traversal in Labs64 DigiPass. Recommendations:...
PT-2024-20172
Name of the Vulnerable Software and Affected Versions libfluid version 0.1.0 Description The issue is related to an Unchecked Return Value to NULL Pointer Dereference vulnerability in the Open Networking Foundation ONF libfluid, specifically in the libfluid msg module. This vulnerability is...
PT-2024-23827 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is related to an Unchecked Return Value to NULL Pointer Dereference vulnerability in the libfluid msg module of the Open Networking Foundation ONF libfluid. This vulnerability is associated with t...
PT-2024-28049 · Hush Line · Hush Line
Name of the Vulnerable Software and Affected Versions: Hush Line versions prior to 0.1.0 Description: Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. There is a stored XSS in the Inbox. The input is displayed using the safe Jinja2 attribute,...
GHSA-WF7F-8FXF-XFXC MLFlow unsafe deserialization
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...
wasm3 安全漏洞
wasm3 is the fastest WebAssembly interpreter, as well as the most versatile runtime. A security vulnerability exists in version v0.5.0 of wasm3, which originates from a segmentation error via the function PreserveRegisterIfOccupied in wasm3/source/m3compile.c. The vulnerability is caused by the...
VulnCheck KEV: CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
Malicious code in rb-web-popup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 04b85d0e4dc2479fa94e653c94a102e902b4154168a9797a2677ef30c1af062e The OpenSSF Package Analysis project identified 'rb-web-popup' @ 0.1.0 npm as malicious. It is considered malicious because: - The package...
MetaGPT Security Vulnerabilities
MetaGPT is a multi-agent framework from MetaGPT, Inc. A security vulnerability exists in MetaGPT version 0.6.4 and prior versions, which stems from a vulnerability that allows a malicious attacker to execute arbitrary code...