27 matches found

Snyk
added 2025/03/20 12:32 p.m., 6 views

Directory Traversal

Overview: InvokeAI is an implementation of Stable Diffusion which provides various new features and options to aid the image generation process. Affected versions of this package are vulnerable to Directory Traversal through the web API POST /api/v1/images/delete. An attacker can delete arbitrar...

CVSS: 9.1, AI score: 7.6, EPSS: 0.01348
Exploits: 0, References: 2
Positive Technologies
added 2024/08/12 12:0 a.m., 6 views

PT-2024-5562

SAP BusinessObjects Business Intelligence Platform versions 4.30 and 4.40. The issue involves a missing authentication check in the SAP BusinessObjects Business Intelligence Platform when Single Sign-On is enabled on Enterprise authentication. An unauthorized user can obtain a logon token by...

CVSS: 10, AI score: 6.6, EPSS: 0.75866
Exploits: 0, References: 49
CNNVD
added 2024/05/02 12:0 a.m., 6 views

WordPress plugin InstaWP Connect Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS: 9.8, AI score: 6.7, EPSS: 0.05747
Exploits: 0, References: 3
OSV
added 2022/11/18 11:15 p.m., 4 views

DEBIAN-CVE-2022-45132

In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code execution can be achieved through a user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can be used to trigger...

CVSS: 9.8, AI score: 9.4, EPSS: 0.01859
Exploits: 1, References: 1
Veracode
added 2022/03/25 3:52 a.m., 6 views

Information Disclosure

motioneye is vulnerable to information disclosure. The vulnerability exists due to insecure access control that allows an attacker to access sensitive information via a GET request to the web API /config/list endpoint when a user's password is not configured...

CVSS: 7.5, AI score: 6.3, EPSS: 0.06829
Exploits: 1, References: 3, Affected Software: 1
CNNVD
added 2021/11/18 12:0 a.m., 7 views

OSIsoft PI Server Cross-Site Scripting Vulnerability

OSIsoft PI is a commercial software application platform based on the Client/Server architecture from OSIsoft, USA. The platform supports data collection, analysis and visualization, etc. A security vulnerability exists in OSIsoft PI Server, which can be exploited by remote...

CVSS: 6.9, AI score: 5.7, EPSS: 0.00668
Exploits: 0, References: 2
CNNVD
added 2021/05/27 12:0 a.m., 4 views

Red Hat Data Grid Cross-Site Request Forgery Vulnerability

Red Hat Data Grid is a memory-based NoSQL database with distributed support from Red Hat. Red Hat Data Grid 8.2.0 suffers from a cross-site request forgery vulnerability that stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An...

CVSS: 7.1, AI score: 7, EPSS: 0.00445
Exploits: 0, References: 4