110 matches found
CVE-2025-27781 Applio allows unsafe deserialization in inference.py
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. modelfile in inference.py as well as modelfile in tts.py take user-supplied input e.g. a path to a model and pass that value to the changechoices and later to getspeakersid...
CVE-2025-27780 Applio allows unsafe deserialization in model_information.py
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...
CVE-2025-27780
Summary: CVE-2025-27780 affects Applio (versions ≤ 3.2.8-bugfix). It stems from unsafe deserialization in model_information.py where model_name accepts user-supplied input and is passed to torch.load, enabling remote code execution. Impact: remote code execution potential. Status/Remediation: a p...
CVE-2025-27780 Applio allows unsafe deserialization in model_information.py
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...
CVE-2025-27780 Applio allows unsafe deserialization in model_information.py
Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in modelinformation.py. modelname in modelinformation.py takes user-supplied input e.g. a path to a model and pass that value to the runmodelinformationscript and later to modelinformation...
PT-2025-11979 · Applio · Applio
Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.7 and prior Description: Applio is a voice conversion tool. The issue allows for server-side request forgery SSRF in model download.py, which can be leveraged to probe for other vulnerabilities on the server itself or on...
Applio 路径遍历漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in inference.py, and could lead to the writing of an arbitrary file on the Applio server, or ...
Applio 代码问题漏洞
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, and could lead to an attacker sending requests on behalf of t...
Applio 信息泄露漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. An information disclosure vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file read issue in the exportpth function of train.py, which could lead to reading arbitrary files on...
Applio 代码问题漏洞
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, which could lead an attacker to send a request on behalf of t...
PT-2025-11980 · Applio · Applio
Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: Applio is a voice conversion tool vulnerable to unsafe deserialization in infer.py. This issue can lead to remote code execution. A fix was available on the main branch of the Applio...
Applio 代码问题漏洞
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in infer.py that could lead to remote code execution...
Applio 代码问题漏洞
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery and file write issue in modeldownload.py, which could lead an attacker to send a request on behalf of t...
Applio 代码问题漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an insecure deserialization issue in modelinformation.py that could lead to remote code execution...
Applio 路径遍历漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. A path traversal vulnerability exists in Applio 3.2.8-bugfix and prior versions, which stems from an arbitrary file write issue in train.py, and could lead to the writing of arbitrary files on the Applio server, or in...
PT-2025-11983 · Applio · Applio
Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: The issue affects a voice conversion tool, allowing for arbitrary file write in the train.py file. This can lead to writing arbitrary files on the server and potentially achieve remote code...
PT-2025-11984 · Applio · Applio
Name of the Vulnerable Software and Affected Versions: Applio versions 3.2.8-bugfix and prior Description: The issue affects a voice conversion tool and may lead to reading arbitrary files on the Applio server. It can also be used in conjunction with blind server-side request forgery to read file...
Applio 注入漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. An injection vulnerability exists in Applio 3.2.8-bugfix and earlier versions, which stems from a denial of service issue in restart.py, where the modelname parameter of train.py accepts user input and passes it to the...
Applio 信息泄露漏洞
Applio is an open source AI speech conversion tool from Spanish AI Hispano. An information disclosure vulnerability exists in Applio 3.2.8-bugfix and earlier versions, which stems from an arbitrary file read issue in the exportindex function of train.py, which could lead to the reading of arbitra...
Applio 代码问题漏洞
Applio is an open source AI voice conversion tool from Spanish AI Hispano. A code issue vulnerability exists in Applio 3.2.7 and earlier versions, which stems from a server-side request forgery issue in modeldownload.py that could lead an attacker to send requests on behalf of the Applio server...