
2982 matches found

Positive Technologies
added 2025/07/15 12:00 a.m. · 6 views

PT-2025-29676 · Unknown · Gpt-Sovits-Webui

Name of the Vulnerable Software and Affected Versions: GPT-SoVITS-WebUI versions 20250228v3 and prior. Description: GPT-SoVITS-WebUI is a voice conversion and text-to-speech webUI. A command injection issue exists in the webui.py open_denoise function. The denoise_inp_dir and denoise_opt_dir...

CVSS 9.8 · AI score 6.8 · EPSS 0.033
Exploits 1 · References 10
NVD
added 2025/07/07 10:15 a.m. · 8 views

CVE-2025-3626

A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a config file via webUI...

CVSS 9.1 · EPSS 0.00887
Exploits 0 · References 1
CVE
added 2025/07/07 9:19 a.m. · 17 views

CVE-2025-3626

CVE-2025-3626 describes an OS Command Injection vulnerability in Frauscher Sensortechnik products (Frauscher FDS101/FDS102 and related FDS00x series) triggered when uploading configuration files via a webUI. The root cause is improper neutralization of special elements in OS commands during confi...

CVSS 9.1 · AI score 6.9 · EPSS 0.00887
Exploits 0 · References 1
Cvelist
added 2025/07/07 9:19 a.m. · 18 views

CVE-2025-3626 OS Command Injection via Config Upload in WebUI

A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a config file via webUI...

CVSS 9.1 · EPSS 0.00887
Exploits 0 · References 1
Vulnrichment
added 2025/07/07 9:19 a.m. · 3 views

CVE-2025-3626 OS Command Injection via Config Upload in WebUI

A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a config file via webUI...

CVSS 9.1 · AI score 6.8 · EPSS 0.00887
Exploits 0 · References 1
Positive Technologies
added 2025/07/07 12:00 a.m. · 6 views

PT-2025-28143 · Frauscher · Fds102

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command while uploading a config file via...

CVSS 9.1 · AI score 6.5 · EPSS 0.00887
Exploits 0 · References 9
Veracode
added 2025/07/01 4:31 a.m. · 5 views

Remote Code Execution (RCE)

llamafactory is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the unsafe loading of the vhead_file argument without the weights_only=True safeguard, allowing attackers to exploit the Checkpoint path parameter via the WebUI to execute arbitrary code...

CVSS 9.8 · AI score 8.4 · EPSS 0.0103
Exploits 1 · References 5 · Affected Software 1
Github Security Blog
added 2025/06/27 3:27 p.m. · 12 views

LLaMA-Factory allows Code Injection through improper vhead_file safeguards

Summary: A critical remote code execution vulnerability was discovered during the Llama Factory training process. This vulnerability arises because the vhead_file is loaded without proper safeguards, allowing malicious attackers to execute arbitrary malicious code on the host system simply by passi...

CVSS 9.8 · AI score 8.1 · EPSS 0.0103
Exploits 1 · References 4 · Affected Software 1
NVD
added 2025/06/26 3:15 p.m. · 8 views

CVE-2025-53002

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vhead_file is loaded without proper safeguards,...

CVSS 9.8 · EPSS 0.0103
Exploits 1 · References 3
Vulnrichment
added 2025/06/26 2:40 p.m. · 7 views

CVE-2025-53002 LLaMA-Factory Remote Code Execution (RCE) Vulnerability

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vhead_file is loaded without proper safeguards,...

CVSS 8.3 · AI score 8.6 · EPSS 0.0103
Exploits 1 · References 3
OSV
added 2025/06/26 2:40 p.m. · 6 views

CVE-2025-53002 LLaMA-Factory Remote Code Execution (RCE) Vulnerability

LLaMA-Factory is a tuning library for large language models. A remote code execution vulnerability was discovered in LLaMA-Factory versions up to and including 0.9.3 during the LLaMA-Factory training process. This vulnerability arises because the vhead_file is loaded without proper safeguards,...

CVSS 8.3 · AI score 8.2 · EPSS 0.0103
Exploits 1 · References 5
Positive Technologies
added 2025/06/26 12:00 a.m. · 5 views

PT-2025-26979

Name of the Vulnerable Software and Affected Versions: LLaMA-Factory versions up to and including 0.9.3. Description: A remote code execution issue was discovered in LLaMA-Factory during the training process. This issue arises because the vhead_file is loaded without proper safeguards, allowing...

CVSS 9.8 · AI score 7.7 · EPSS 0.0103
Exploits 1 · References 13
RedhatCVE
added 2025/05/24 2:12 p.m. · 21 views

CVE-2025-4979

An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables that they did not author in the WebUI, by simply creating their own variable and observing the HTTP...

CVSS 4.9 · AI score 6.4 · EPSS 0.00374
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 10:43 a.m. · 15 views

CVE-2024-6971

A path traversal vulnerability exists in the parisneo/lollms-webui repository, specifically in the lollms_file_system.py file. The functions add_rag_database, toggle_mount_rag_database, and vectorize_folder do not implement security measures such as sanitize_path_from_endpoint or sanitize_path. This allows a...

CVSS 4.4 · AI score 6.8 · EPSS 0.00316
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:42 a.m. · 10 views

CVE-2024-7049

In version v0.3.8 of open-webui/open-webui, a vulnerability exists where a token is returned when a user with a pending role logs in. This allows the user to perform actions without admin confirmation, bypassing the intended approval process...

CVSS 5.4 · AI score 6.8 · EPSS 0.00337
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:41 a.m. · 16 views

CVE-2024-7048

In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileged user to access and overwrite files managed by a higher-privileged admin. By exploiting this...

CVSS 6.3 · AI score 6.8 · EPSS 0.00362
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:41 a.m. · 8 views

CVE-2024-7041

An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint http://0.0.0.0:3000/api/v1/memories/id/update, where the decentralization design is flawed, allowing attackers to edit other users' memories without...

CVSS 6.5 · AI score 6.8 · EPSS 0.00357
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:41 a.m. · 11 views

CVE-2024-7037

In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vulnerability allows attackers to overwrite and delete system files, potentially leading to remote cod...

CVSS 7.2 · AI score 7.5 · EPSS 0.01032
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:41 a.m. · 13 views

CVE-2024-7038

An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...

CVSS 2.7 · AI score 6.2 · EPSS 0.00336
Exploits 1 · References 1
RedhatCVE
added 2025/05/23 10:15 a.m. · 10 views

CVE-2024-30256

Open WebUI is a user-friendly WebUI for LLMs. Open-webui is vulnerable to authenticated blind server-side request forgery. This vulnerability is fixed in 0.1.117...

CVSS 6.4 · AI score 6.6 · EPSS 0.00412
Exploits 1 · References 1