Lucene search
K

2994 matches found

Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.6 views

PT-2025-12177 · Unknown · Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version v0.3.8 Description: The application exhibits improper privilege management. An attacker with administrator privileges can delete other administrators by directly accessing the API endpoint...

8.3CVSS8.2AI score0.00647EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.6 views

PT-2025-12097 · Unknown · Automatic1111/Stable-Diffusion-Webui

Name of the Vulnerable Software and Affected Versions: automatic1111/stable-diffusion-webui version 1.10.0 Description: A Cross-Site WebSocket Hijacking CSWSH vulnerability allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability is due to a lack of...

9.6CVSS9.1AI score0.00375EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.5 views

PT-2025-12173 · Unknown · Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: An arbitrary file write vulnerability exists in the download model endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file...

7.2CVSS7.1AI score0.01125EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.5 views

PT-2025-12176 · Unknown · Open-Webui/Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: A vulnerability allows an unauthenticated attacker to sign up with excessively large text in the name field, causing the Admin panel to become unresponsive. This prevents administrators from...

7.5CVSS7.3AI score0.00799EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.7 views

Open WebUI 访问控制错误漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. An Access Control Error vulnerability exists in Open WebUI version v0.3.8, which stems from improper access control that allows an administrator to view the chat logs of other administrators...

4.9CVSS5.1AI score0.00562EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

Open WebUI 资源管理错误漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A resource management error vulnerability exists in Open WebUI version 0.3.32, which stems from an unvalidated character length and could lead to a denial of service attack...

7.5CVSS7.3AI score0.00811EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.8 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI Open Source. A security vulnerability exists in Open WebUI version v10, which stems from improper path cleanup and could lead to unauthorized directory access...

4.4CVSS4.9AI score0.00311EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.4 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.0, which stems from the audio API endpoint /audio/api/v1/transcriptions allowing arbitrary file uploads, which could lead to path...

8.1CVSS8.4AI score0.00881EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.8 views

PT-2025-12198 · Unknown · Open-Webui

Name of the Vulnerable Software and Affected Versions: open-webui/open-webui version 0.3.8 Description: The issue concerns a Server-Side Request Forgery SSRF vulnerability. Specifically, the /openai/models endpoint is affected, allowing an attacker to change the OpenAI URL to any URL without...

7.7CVSS7.7AI score0.24461EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.7 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A code issue vulnerability exists in Open WebUI version 0.3.8, which stems from server-side request forgery and could lead to internal services being accessed...

7.7CVSS7.5AI score0.24461EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A cross-site scripting vulnerability exists in Open WebUI version 0.3.8, which stems from the presence of stored cross-site scripting in the chat file upload function, which could lead to user...

8.9CVSS6.2AI score0.00477EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8 that stems from improper access control and allows an attacker to view any prompted information...

4.3CVSS4.7AI score0.00401EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8, which stems from a mismanagement of permissions that allows an administrator to delete other administrators via the API...

8.3CVSS8AI score0.00647EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.6 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI open source. A security vulnerability exists in Open WebUI version v0.3.8 that stems from improper access control and allows an attacker to view and delete arbitrary files...

8.8CVSS7.9AI score0.00563EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.4 views

编号撤回

Open WebUI is an extensible, feature-rich, user-friendly self-hosted WebUI from Open WebUI Open Source. This CVE number has been withdrawn...

7.6AI score
Exploits0References1
CVE
CVE
added 2025/02/19 12:0 a.m.59 views

CVE-2023-46271

CVE-2023-46271 describes a buffer overflow in Extreme Networks IQ Engine’s ah_webui service (listening on TCP 3009) that can allow network-adjacent attackers to reach critical functions and potentially execute code with root privileges. Affected software includes Extreme Networks IQ Engine versio...

9.8CVSS6.8AI score0.00705EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/07 6:11 a.m.3 views

Malicious code in presto-router-webui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5755c0de7cee5665001841d934d1285ebbf706e6d3ce52299f48c4ad8b9de88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 9:42 p.m.7 views

CVE-2022-24796

RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution RCE vulnerability in the file upload facility of the WebUI interface of RaspberryMatic exists. Missing input...

10CVSS8.4AI score0.03517EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.26 views

CVE-2025-23413

When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.7CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.17 views

CVE-2025-23413 BIG-IP Next Central Manager vulnerability

When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.7CVSS0.00159EPSS
Exploits0References1
Rows per page
Query Builder