Lucene search
K

4 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-28108

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/10 6:50 p.m.8 views

CVE-2024-10649 Unauthenticated File Upload in wandb/openui

wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability where unauthenticated endpoints allow file uploads and downloads from an AWS S3 bucket. This can lead to multiple security issues including denial of service, stored XSS, and information disclosure. The...

6.1CVSS6.6AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2025/02/10 6:50 p.m.46 views

CVE-2024-10649

CVE-2024-10649 affects wandb/openui (commit c945bb859979659add5f490a874140ad17c56a5d). The vulnerability arises from unauthenticated endpoints that allow uploading and downloading files to an AWS S3 bucket via the /v1/share/{id:str} endpoints, enabling potential denial of service, stored XSS, and...

6.1CVSS6.6AI score0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/06/06 7:10 p.m.9 views

CVE-2022-24840 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in django-s3file

django-s3file is a lightweight file upload input for Django and Amazon S3 . In versions prior to 5.5.1 it was possible to traverse the entire AWS S3 bucket and in most cases to access or delete files. If the AWSLOCATION setting was set, traversal was limited to that location only. The issue was...

9.1CVSS9.6AI score0.01935EPSS
Exploits1References2
Rows per page
Query Builder