PT-2023-29956 · Unknown · Sd-Webui-Infinite-Image-Browsing

Name of the Vulnerable Software and Affected Versions: sd-webui-infinite-image-browsing extension versions before 977815a Description: The issue allows remote attackers to read any local file via the "/file?path=" endpoint in the URL, as demonstrated by reading /proc/self/environ to discover...

CVE-2023-46315

The CVE-2023-46315 issue affects the sd-webui-infinite-image-browsing extension for stable-diffusion-webui up to version 977815a. If Gradio authentication is enabled without a secret key, an unauthenticated remote attacker can read local files via the /file?path= endpoint, with demonstrations inc...

CVE-2023-46315

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

Grafana Labs WebUI Default Credentials

Binary data grafanalabswebuidefaultcreds.nbin...

GHSA-CRV8-R5WQ-GV2W webui-aria2 Path Traversal vulnerability

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

webui-aria2 Path Traversal vulnerability

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

CVE-2023-39141

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

CVE-2023-39141

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

Path traversal

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

WebUI-Aria2 路径遍历漏洞

WebUI-Aria2 is an application for hamza zia personal developers. It is used to create interfaces to interact with aria2. A path traversal vulnerability exists in WebUI-Aria2 version 4fe2e, which stems from accepting filenames from URL input without cleaning them up...

CVE-2023-39141

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

CVE-2023-39141

webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability...

PT-2023-6726 · Unknown · Webui-Aria2

Name of the Vulnerable Software and Affected Versions: webui-aria2 version 4fe2e Description: The issue is related to a path traversal vulnerability in the WebUI-Aria2 interface. This vulnerability is due to incorrect restriction of the directory path name with limited access. Exploitation of thi...

CVE-2023-39141

CVE-2023-39141 concerns a path traversal vulnerability in the WebUI-Aria2 interface tracked by multiple sources. The issue arises in the WebUI commit 4fe2e, allowing an attacker to access sensitive files on the server via crafted URL input. Documented impact states potential unauthorized disclosu...

CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4362

CVE-2023-4362 affects Google Chrome/Chromium prior to 116.0.5845.96. It is a heap buffer overflow in Mojom IDL that could allow a remote attacker who has already compromised the renderer process and gained control of a WebUI process to trigger heap corruption via a crafted HTML page, with impact ...

CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...