2994 matches found
PT-2025-12177 · Unknown · Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version v0.3.8 Description: The application exhibits improper privilege management. An attacker with administrator privileges can delete other administrators by directly accessing the API endpoint...
PT-2025-12097 · Unknown · Automatic1111/Stable-Diffusion-Webui
Name of the Vulnerable Software and Affected Versions: automatic1111/stable-diffusion-webui version 1.10.0 Description: A Cross-Site WebSocket Hijacking CSWSH vulnerability allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability is due to a lack of...
PT-2025-12173 · Unknown · Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: An arbitrary file write vulnerability exists in the download model endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file...
PT-2025-12176 · Unknown · Open-Webui/Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: A vulnerability allows an unauthenticated attacker to sign up with excessively large text in the name field, causing the Admin panel to become unresponsive. This prevents administrators from...
Open WebUI 访问控制错误漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. An Access Control Error vulnerability exists in Open WebUI version v0.3.8, which stems from improper access control that allows an administrator to view the chat logs of other administrators...
Open WebUI 资源管理错误漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A resource management error vulnerability exists in Open WebUI version 0.3.32, which stems from an unvalidated character length and could lead to a denial of service attack...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI Open Source. A security vulnerability exists in Open WebUI version v10, which stems from improper path cleanup and could lead to unauthorized directory access...
Open WebUI 代码问题漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.0, which stems from the audio API endpoint /audio/api/v1/transcriptions allowing arbitrary file uploads, which could lead to path...
PT-2025-12198 · Unknown · Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: The issue concerns a Server-Side Request Forgery SSRF vulnerability. Specifically, the /openai/models endpoint is affected, allowing an attacker to change the OpenAI URL to any URL without...
Open WebUI 代码问题漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.8, which stems from server-side request forgery and could lead to internal services being accessed...
Open WebUI 跨站脚本漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A cross-site scripting vulnerability exists in Open WebUI version 0.3.8, which stems from the presence of stored cross-site scripting in the chat file upload function, which could lead to user...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8 that stems from improper access control and allows an attacker to view any prompted information...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8, which stems from a mismanagement of permissions that allows an administrator to delete other administrators via the API...
Open WebUI 安全漏洞
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8 that stems from improper access control and allows an attacker to view and delete arbitrary files...
编号撤回
Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI Open Source. This CVE number has been withdrawn...
CVE-2023-46271
CVE-2023-46271 describes a buffer overflow in Extreme Networks IQ Engine’s ah_webui service (listening on TCP 3009) that can allow network-adjacent attackers to reach critical functions and potentially execute code with root privileges. Affected software includes Extreme Networks IQ Engine versio...
Malicious code in presto-router-webui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5755c0de7cee5665001841d934d1285ebbf706e6d3ce52299f48c4ad8b9de88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-24796
RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution RCE vulnerability in the file upload facility of the WebUI interface of RaspberryMatic exists. Missing input...
CVE-2025-23413
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-23413 BIG-IP Next Central Manager vulnerability
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...