Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2024/10/12 2:48 a.m.3 views

SUSE CVE-2024-47868

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

7.5CVSS6.6AI score0.00804EPSS
Exploits1References3
OSV
OSV
added 2024/10/10 11:15 p.m.13 views

PYSEC-2024-217

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

7.5CVSS7.5AI score0.00804EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/10 10:18 p.m.17 views

CVE-2024-47868 Several components’ post-process steps may allow arbitrary file leaks in Gradio

Gradio is an open-source Python package designed for quick prototyping. This is a data validation vulnerability affecting several Gradio components, which allows arbitrary file leaks through the post-processing step. Attackers can exploit these components by crafting requests that bypass expected...

6.3CVSS6.7AI score0.00804EPSS
Exploits1References1
OSV
OSV
added 2024/08/23 8:15 p.m.4 views

CVE-2024-45190

Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request...

6.5CVSS5.9AI score0.00859EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2024/05/08 2:28 a.m.62 views

Exploit for Path Traversal in Jenkins

CVE-2024-23897 - Jenkins Arbitra...

9.8CVSS9AI score0.99999EPSS
Exploits46
GithubExploit
GithubExploit
added 2024/05/08 2:28 a.m.456 views

Exploit for Path Traversal in Jenkins

CVE-2024-23897 - Jenkins Arbitra...

9.8CVSS9.8AI score0.99999EPSS
Exploits46
Hacker One
Hacker One
added 2021/11/23 11:44 p.m.29 views

Nextcloud: Access to arbitrary file of the Nextcloud Android app from within the Nextcloud Android app

Summary: The Android client of nextcloud com.nextcloud.client allows arbitrary file including protected/private files to be leaked through the file upload functionality. Steps To Reproduce: A report 1142918 has been submitted for the vulnerability of leaking arbitrary protected files. NextCloud...

1.7CVSS0.3AI score0.003EPSS
Exploits0
Rows per page
Query Builder