9 matches found
EUVD-2023-55799
Malicious code in bioql PyPI...
EUVD-2024-47945
Malicious code in bioql PyPI...
PT-2025-12191 · Mintplex · Anything-Llm
Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm version 1d9452da2b92 Description: A denial of service issue arises when uploading an audio file with a very low sample rate, causing the site instance to crash. This occurs due to the localWhisper implementation,...
CVE-2024-6959
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service DOS attack when uploading an audio file. If an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process each character, rendering lollms-webui...
Nagios XI < 2024R1.0.1 XSS Vulnerability
According to the self-reported version of Nagios XI, the remote host is affected by a stored cross-site scripting XSS vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file uplo...
CVE-2023-51072
A stored cross-site scripting XSS vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. This allows any authenticated us...
CVE-2023-51072
A stored cross-site scripting XSS vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. This allows any authenticated us...
CVE-2023-51072
A stored cross-site scripting XSS vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. This allows any authenticated us...
CVE-2023-51072
Nagios XI vulnerability CVE-2023-51072: a stored XSS in the NOC component affecting Nagios XI versions up to 2024R1 via the audio file upload in Operation Center. The issue allows low-privileged, authenticated users to inject arbitrary HTML/JavaScript, potentially executing code in other users’ b...