Lucene search
K

110 matches found

OSV
OSV
added 2025/03/19 8:22 p.m.7 views

CVE-2025-27781 Applio allows unsafe deserialization in inference.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. modelfile in inference.py as well as modelfile in tts.py take user-supplied input e.g. a path to a model and pass that value to the changechoices and later to getspeakersid...

9.3CVSS8AI score0.00845EPSS
Exploits0References7
OSV
OSV
added 2025/03/19 8:16 p.m.6 views

CVE-2025-27780 Applio allows unsafe deserialization in model_information.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...

9.3CVSS8AI score0.00845EPSS
Exploits0References6
CVE
CVE
added 2025/03/19 8:16 p.m.62 views

CVE-2025-27780

Summary: CVE-2025-27780 affects Applio (versions ≤ 3.2.8-bugfix). It stems from unsafe deserialization in model_information.py where model_name accepts user-supplied input and is passed to torch.load, enabling remote code execution. Impact: remote code execution potential. Status/Remediation: a p...

9.8CVSS7.5AI score0.00845EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/03/19 8:16 p.m.13 views

CVE-2025-27780 Applio allows unsafe deserialization in model_information.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...

9.3CVSS0.00845EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/19 8:16 p.m.6 views

CVE-2025-27780 Applio allows unsafe deserialization in model_information.py

Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...

9.3CVSS7.4AI score0.00845EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.4 views

PT-2025-11979 · Applio · Applio

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.7 and prior Description: Applio is a voice conversion tool. The issue allows for server-side request forgery SSRF in model download.py, which can be leveraged to probe for other vulnerabilities on the server itself or on...

8.7CVSS6.5AI score0.00394EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.3 views

Applio 路径遍历漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in inference.py, and could lead to the writing of an arbitrary file on the Applio server, or ...

9.8CVSS8AI score0.013EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, and could lead to an attacker sending requests on behalf of t...

9.3CVSS8AI score0.00531EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 信息泄露漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. An information disclosure vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file read issue in the exportpth function of train.py, which could lead to reading arbitrary files on...

8.7CVSS6AI score0.00525EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, which could lead an attacker to send a request on behalf of t...

9.3CVSS7AI score0.00531EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.5 views

PT-2025-11980 · Applio · Applio

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: Applio is a voice conversion tool vulnerable to unsafe deserialization in infer.py. This issue can lead to remote code execution. A fix was available on the main branch of the Applio...

9.8CVSS7.2AI score0.00896EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.4 views

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in infer.py that could lead to remote code execution...

9.8CVSS7.8AI score0.00896EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.4 views

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, which could lead an attacker to send a request on behalf of t...

9.3CVSS7AI score0.00531EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 代码问题漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in modelinformation.py that could lead to remote code execution...

9.8CVSS7.8AI score0.00845EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 路径遍历漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in train.py, and could lead to the writing of arbitrary files on the Applio server, or in...

9.8CVSS8AI score0.00995EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.11 views

PT-2025-11983 · Applio · Applio

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: The issue affects a voice conversion tool, allowing for arbitrary file write in the train.py file. This can lead to writing arbitrary files on the server and potentially achieve remote code...

9.8CVSS7.3AI score0.00995EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/03/19 12:0 a.m.4 views

PT-2025-11984 · Applio · Applio

Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: The issue affects a voice conversion tool and may lead to reading arbitrary files on the Applio server. It can also be used in conjunction with blind server-side request forgery to read file...

8.7CVSS7.1AI score0.00525EPSS
Exploits1References18
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.4 views

Applio 注入漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. An injection vulnerability exists in Applio 3.2.8-bugfix and earlier versions, which stems from a denial of service issue in restart.py, where the modelname parameter of train.py accepts user input and passes it to the...

8.8CVSS7AI score0.00744EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 信息泄露漏洞

Applio is an open source AI speech conversion tool from Spanish AI Hispano. An information disclosure vulnerability exists in Applio 3.2.8-bugfix and earlier versions, which stems from an arbitrary file read issue in the exportindex function of train.py, which could lead to the reading of arbitra...

8.7CVSS6.2AI score0.00515EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/19 12:0 a.m.5 views

Applio 代码问题漏洞

Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery issue in modeldownload.py that could lead an attacker to send requests on behalf of the Applio server...

8.7CVSS6.8AI score0.00394EPSS
Exploits0References4
Rows per page
Query Builder