
RedhatCVE, added 2025/03/22 12:08 p.m., 8 views

CVE-2024-10553

A vulnerability in the h2oai/h2o-3 REST API version 3.46.0.4 allows unauthenticated remote attackers to execute arbitrary code via deserialization of untrusted data. The vulnerability exists in the endpoints POST /99/ImportSQLTable and POST /3/SaveToHiveTable, where user-controlled JDBC URLs are...

CVSS 9.8 | AI score 7.9 | EPSS 0.01378 | Exploits: 1 | References: 1
RedhatCVE, added 2025/03/22 12:03 p.m., 6 views

CVE-2024-10830

A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint /v1/resource/file/delete. This vulnerability allows an attacker to delete any file on the server by manipulating the file_key parameter. The file_key parameter is not properly sanitized, enabling an...

CVSS 8.2 | AI score 6.9 | EPSS 0.00624 | Exploits: 1 | References: 1
OSV, added 2025/03/20 12:32 p.m., 5 views

GHSA-F4HC-Q562-CC5R AgentScope Path Traversal in /api/file

A path traversal vulnerability exists in modelscope/agentscope version v.0.0.4. The API endpoint /api/file does not properly sanitize the path parameter, allowing an attacker to read arbitrary files on the server...

CVSS 7.5 | AI score 7 | EPSS 0.00664 | Exploits: 1 | References: 5
Github Security Blog, added 2025/03/20 12:32 p.m., 14 views

Open WebUI allows Remote Code Execution via Arbitrary File Upload to /audio/api/v1/transcriptions

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.content_type and allows user-controlled filenames, leading to a path traversal vulnerability...

CVSS 8.1 | AI score 7.7 | EPSS 0.0082 | Exploits: 0 | References: 4 | Affected software: 1
OSV, added 2025/03/20 12:32 p.m., 5 views

GHSA-227R-W5J2-6243 InvokeAI Arbitrary File Deletion vulnerability

In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...

CVSS 9.1 | AI score 7.1 | EPSS 0.012 | Exploits: 0 | References: 4
Github Security Blog, added 2025/03/20 12:32 p.m., 12 views

DB-GPT Arbitrary File Write vulnerability

In eosphoros-ai/db-gpt version v0.6.3 and earlier, the web API POST /api/v1/editor/chart/run allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write, enabling them to write arbitrary files to the victim...

CVSS 9.8 | AI score 8.6 | EPSS 0.00925 | Exploits: 1 | References: 5 | Affected software: 1
OSV, added 2025/03/20 10:15 a.m., 8 views

CVE-2025-0190

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

CVSS 7.5 | AI score 7.1 | Exploits: 0 | References: 1
OSV, added 2025/03/20 10:15 a.m., 5 views

CVE-2024-9919

A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API endpoint does not call the check_access function to verify the client_id, enabling attackers to delete directories without...

CVSS 8.4 | AI score 8.3 | Exploits: 0 | References: 1
NVD, added 2025/03/20 10:15 a.m., 8 views

CVE-2024-9919

A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API endpoint does not call the check_access function to verify the client_id, enabling attackers to delete directories without...

CVSS 8.4 | EPSS 0.00286 | Exploits: 1 | References: 1
OSV, added 2025/03/20 10:15 a.m., 3 views

CVE-2024-9418

In version 0.0.14 of transformeroptimus/superagi, the API endpoint /api/users/get/{id} returns the user's password in plaintext. This vulnerability allows an attacker to retrieve the password of another user, leading to potential account takeover...

CVSS 6.5 | AI score 6.4 | Exploits: 0 | References: 1
OSV, added 2025/03/20 10:15 a.m., 2 views

CVE-2024-8954

In composiohq/composio version 0.5.10, the API does not validate the x-api-key header's value during the authentication step. This vulnerability allows an attacker to bypass authentication by providing any random value in the x-api-key header, thereby gaining unauthorized access to the server...

CVSS 9.8 | AI score 9.5 | Exploits: 0 | References: 1
NVD, added 2025/03/20 10:15 a.m., 9 views

CVE-2024-8954

In composiohq/composio version 0.5.10, the API does not validate the x-api-key header's value during the authentication step. This vulnerability allows an attacker to bypass authentication by providing any random value in the x-api-key header, thereby gaining unauthorized access to the server...

CVSS 9.8 | EPSS 0.00789 | Exploits: 1 | References: 1
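The two composio entries above (a header whose presence, not value, is checked) and the lollms-webui CVE-2024-9919 entries (a handler that simply never calls the access check) are the same structural mistake seen from two sides. The following is an added example, not code from composio, lollms-webui or any other project listed here; the key store, route names and request shape are constructed for illustration. It shows the presence-only check beside a constant-time value check, and moves authentication into the route registration so that a handler cannot forget to call it.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Dict, Tuple

# Constructed sample key store: only SHA-256 digests of keys are kept, so a leaked
# config or memory dump does not hand out usable credentials.
VALID_KEY_DIGESTS = {hashlib.sha256(b"sk_live_constructed_example_key").hexdigest()}

Request = dict            # {"headers": {...}, ...}  (hypothetical request shape)
Response = Tuple[int, dict]


def _normalize(headers: Dict[str, str]) -> Dict[str, str]:
    """HTTP header names are case-insensitive; compare them lower-cased."""
    return {k.lower(): v for k, v in headers.items()}


def authenticate_unsafe(headers: Dict[str, str]) -> bool:
    """The bug class in the listing: any non-empty x-api-key passes (hypothetical)."""
    return bool(_normalize(headers).get("x-api-key"))


def authenticate(headers: Dict[str, str]) -> bool:
    """Hash the presented key and compare digests in constant time."""
    presented = _normalize(headers).get("x-api-key", "")
    if not presented:
        return False
    digest = hashlib.sha256(presented.encode("utf-8")).hexdigest()
    # All hex digests have equal length, so compare_digest is constant-time here.
    return any(hmac.compare_digest(digest, known) for known in VALID_KEY_DIGESTS)


ROUTES: Dict[str, Callable[[Request], Response]] = {}


def route(path: str, *, public: bool = False):
    """Register a handler. The auth check lives here, once, not in each handler."""
    def decorator(handler: Callable[[Request], Response]):
        def guarded(request: Request) -> Response:
            if not public and not authenticate(request.get("headers", {})):
                return 401, {"error": "unauthorized"}
            return handler(request)
        ROUTES[path] = guarded
        return guarded
    return decorator


@route("/health", public=True)
def health(_request: Request) -> Response:
    return 200, {"status": "ok"}


@route("/uninstall")
def uninstall(request: Request) -> Response:
    # Destructive action; only reachable after the guard in route() passed.
    return 200, {"uninstalled": request.get("app_name")}


def dispatch(path: str, request: Request) -> Response:
    handler = ROUTES.get(path)
    if handler is None:
        return 404, {"error": "not found"}
    return handler(request)


def new_api_key() -> str:
    """Mint a key, store only its digest, return the key once to the caller."""
    key = "sk_live_" + secrets.token_urlsafe(32)
    VALID_KEY_DIGESTS.add(hashlib.sha256(key.encode("utf-8")).hexdigest())
    return key


if __name__ == "__main__":
    print(dispatch("/uninstall", {"headers": {"x-api-key": "anything"}, "app_name": "demo"}))
    print(dispatch("/uninstall", {"headers": {"x-api-key": "sk_live_constructed_example_key"}, "app_name": "demo"}))
```

The deny-by-default wiring is the part that matters for the lollms-webui case: an endpoint is protected unless it is explicitly registered as public, so a forgotten check shows up as a 401 in testing rather than as an unauthenticated delete in production. With more than a handful of keys, look the digest up by a key identifier instead of iterating, so the scan itself does not become a timing side channel.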
NVD, added 2025/03/20 10:15 a.m., 6 views

CVE-2024-8249

mintplex-labs/anything-llm version git 6dc3642 contains an unauthenticated Denial of Service (DoS) vulnerability in the API for the embeddable chat functionality. An attacker can exploit this vulnerability by sending a malformed JSON payload to the API endpoint, causing a server crash due to an...

CVSS 7.5 | EPSS 0.00595 | Exploits: 1 | References: 2
OSV, added 2025/03/20 10:15 a.m., 4 views

CVE-2024-8020

A vulnerability in lightning-ai/pytorch-lightning version 2.3.2 allows an attacker to cause a denial of service by sending an unexpected POST request to the /api/v1/state endpoint of LightningApp. This issue occurs due to improper handling of unexpected state values, which results in the server...

CVSS 7.5 | AI score 7.2 | EPSS 0.00552 | Exploits: 1 | References: 1
OSV, added 2025/03/20 10:15 a.m., 7 views

CVE-2024-11042

In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...

CVSS 9.1 | AI score 7.1 | Exploits: 0 | References: 2
NVD, added 2025/03/20 10:15 a.m., 6 views

CVE-2024-11042

In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...

CVSS 9.1 | EPSS 0.012 | Exploits: 0 | References: 2
NVD, added 2025/03/20 10:15 a.m., 5 views

CVE-2024-10830

A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint /v1/resource/file/delete. This vulnerability allows an attacker to delete any file on the server by manipulating the file_key parameter. The file_key parameter is not properly sanitized, enabling an...

CVSS 8.2 | EPSS 0.00624 | Exploits: 1 | References: 1
Vulnrichment, added 2025/03/20 10:11 a.m., 3 views

CVE-2024-12766 SSRF in parisneo/lollms-webui

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF) vulnerability in the POST /api/proxy REST API. Attackers can exploit this vulnerability to abuse the victim server's credentials to access unauthorized web resources by specifying the JSON parameter...

CVSS 7.5 | AI score 7.5 | EPSS 0.00654 | Exploits: 1 | References: 1
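A proxy endpoint like the one in the CVE-2024-12766 entry needs to decide, before it opens a socket, whether the caller-supplied URL may be fetched at all. The following is an added example and not lollms-webui's code; the resolver table, hostnames and addresses are constructed so it runs offline, and the function names are hypothetical. It rejects non-HTTP schemes, URLs with embedded credentials, hosts that fail an optional allowlist, and any target whose literal or resolved address is loopback, private, link-local (the cloud metadata range), multicast, reserved or unspecified, including IPv4-mapped IPv6 forms and names that resolve to a mix of public and internal addresses.

```python
import ipaddress
import socket
from typing import Callable, Dict, List, Optional, Set, Tuple
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def is_public_address(addr: str) -> bool:
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def system_resolver(host: str) -> List[str]:
    """Real resolver for production use (performs DNS lookups; not used by the demo)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_proxy_target(url: str, resolve: Callable[[str], List[str]],
                          allowed_hosts: Optional[Set[str]] = None) -> Tuple[bool, str, List[str]]:
    """Decide whether the proxy may fetch url. Returns (ok, reason, resolved_ips)."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed", []
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL rejected", []
    host = parts.hostname
    if not host:
        return False, "missing host", []
    if allowed_hosts is not None and host.lower() not in allowed_hosts:
        return False, f"host {host!r} not on allowlist", []
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP, no DNS needed
    except ValueError:
        try:
            addrs = resolve(host)
        except OSError as exc:
            return False, f"cannot resolve {host!r}: {exc}", []
    if not addrs:
        return False, f"{host!r} resolved to nothing", []
    for addr in addrs:  # every address must be public, not just the first one
        if not is_public_address(addr):
            return False, f"{host!r} resolves to non-public address {addr}", addrs
    return True, "ok", addrs


# Constructed resolver table so the example runs without network access.
DEMO_DNS: Dict[str, List[str]] = {
    "example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "internal.corp.example": ["10.0.0.5"],
    "rebind.attacker.example": ["93.184.216.34", "127.0.0.1"],
}


def demo_resolver(host: str) -> List[str]:
    try:
        return DEMO_DNS[host.lower()]
    except KeyError:
        raise socket.gaierror(f"constructed resolver: unknown host {host!r}")


if __name__ == "__main__":
    for target in ["https://example.com/status",
                   "http://169.254.169.254/latest/meta-data/",
                   "http://localhost:8080/api",
                   "http://[::ffff:127.0.0.1]/",
                   "http://rebind.attacker.example/"]:
        ok, reason, _ = validate_proxy_target(target, demo_resolver)
        print(f"{'ALLOW' if ok else 'DENY ':5} {target}  ({reason})")
```

Validation alone is not enough: the fetch must connect to the address that was validated (pin it, rather than letting the HTTP client resolve the name a second time), and every redirect must go back through the same check, otherwise a 302 to 127.0.0.1 or a DNS record that changes between lookups walks straight past it.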
Cvelist, added 2025/03/20 10:11 a.m., 12 views

CVE-2024-7039 Improper Privilege Management in open-webui/open-webui

In open-webui/open-webui version v0.3.8, there is an improper privilege management vulnerability. The application allows an attacker, acting as an admin, to delete other administrators via the API endpoint http://0.0.0.0:8080/api/v1/users/uuidadministrator. This action is restricted by the user...

CVSS 8.3 | EPSS 0.00602 | Exploits: 1 | References: 1
Cvelist, added 2025/03/20 10:10 a.m., 11 views

CVE-2024-8898 Path Traversal in parisneo/lollms-webui

A path traversal vulnerability exists in the install and uninstall API endpoints of parisneo/lollms-webui version V12 (Strawberry). This vulnerability allows attackers to create or delete directories with arbitrary paths on the system. The issue arises due to insufficient sanitization of...

CVSS 6.7 | EPSS 0.00698 | Exploits: 1 | References: 2
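Five of the entries in this listing are the same defect: a caller-supplied path fragment (file_key in DB-GPT CVE-2024-10830, the path parameter in AgentScope GHSA-F4HC-Q562-CC5R, the upload filename in the Open WebUI transcriptions endpoint, the image name in InvokeAI CVE-2024-11042, and the app name in lollms-webui CVE-2024-8898) is joined onto a base directory and acted on without checking that the result is still inside that directory. The following is an added example and not code from any of those projects; safe_join and the delete helpers are hypothetical names, and the scratch tree it builds is constructed sample data. It resolves symlinks and ".." before the containment check, so a symlink planted inside the directory cannot be used to escape either.

```python
import os
import tempfile


class PathTraversalError(ValueError):
    """Raised when a caller-supplied path would leave the permitted directory."""


def safe_join(base_dir: str, user_path: str) -> str:
    """Return the absolute path of user_path inside base_dir, or raise.

    realpath() collapses '..' and follows symlinks *before* the containment
    test, so 'a/../../x' and 'link_to_root/x' are both caught.
    """
    base = os.path.realpath(base_dir)
    if not user_path or os.path.isabs(user_path):
        raise PathTraversalError(f"absolute or empty path rejected: {user_path!r}")
    candidate = os.path.realpath(os.path.join(base, user_path))
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:  # e.g. different drive letters on Windows
        inside = False
    if not inside:
        raise PathTraversalError(f"path escapes {base_dir!r}: {user_path!r}")
    return candidate


def delete_file_unsafe(base_dir: str, file_key: str) -> str:
    """The bug class in the listing (hypothetical): join, then act, no containment check."""
    target = os.path.join(base_dir, file_key)  # '/etc/passwd' or '../..' wins here
    os.remove(target)
    return target


def delete_file(base_dir: str, file_key: str) -> str:
    """Hardened delete: only a regular file that lives under base_dir can go."""
    target = safe_join(base_dir, file_key)
    if not os.path.isfile(target):
        raise FileNotFoundError(file_key)
    os.remove(target)
    return target


def demo() -> dict:
    """Build a scratch tree (constructed sample data) and probe safe_join with it."""
    root = os.path.realpath(tempfile.mkdtemp(prefix="traversal_demo_"))
    uploads = os.path.join(root, "uploads")
    os.makedirs(os.path.join(uploads, "user1"))
    with open(os.path.join(root, "secret.key"), "w") as fh:
        fh.write("constructed secret\n")
    with open(os.path.join(uploads, "user1", "img.png"), "wb") as fh:
        fh.write(b"\x89PNG")
    try:  # a symlink inside the upload dir that points outside it
        os.symlink(root, os.path.join(uploads, "link"))
    except (OSError, NotImplementedError):
        pass
    probes = [
        "user1/img.png",           # legitimate
        "../secret.key",           # classic dot-dot
        "user1/../../secret.key",  # dot-dot behind a valid prefix
        "/etc/passwd",             # absolute path
        "link/secret.key",         # symlink escape
    ]
    results = {}
    for probe in probes:
        try:
            results[probe] = os.path.relpath(safe_join(uploads, probe), root)
        except PathTraversalError:
            results[probe] = "rejected"
    return results


if __name__ == "__main__":
    for probe, outcome in demo().items():
        print(f"{probe:26} -> {outcome}")
```

For uploads the same helper applies to the stored filename; most services should additionally discard the client's directory component entirely (os.path.basename) and generate their own name, since there is rarely a reason to honour a user-chosen path at all. The symlink probe assumes a POSIX host where unprivileged symlink creation works.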