Lucene search
K

103 matches found

Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.5 views

CVE-2024-12391 Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic

A vulnerability in binary-husky/gptacademic, as of commit 310122f, allows for a Regular Expression Denial of Service ReDoS attack. The function '解析项目源码(手动指定和筛选源码文件类型)' permits the execution of user-provided regular expressions. Certain regular expressions can cause the Python RE engine to take...

6.5CVSS6.6AI score0.00846EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.52 views

CVE-2024-12391

The CVE-2024-12391 entry affects binary-husky/gpt_academic (commit 310122f). The vulnerability arises in the function 解析项目源码(手动指定和筛选源码文件类型) that executes user-provided regular expressions, enabling a Regular Expression Denial of Service (ReDoS). Certain regex patterns can cause the Python RE engi...

6.5CVSS6.6AI score0.00846EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.8 views

CVE-2024-11033 Denial of Service (DoS) in binary-husky/gpt_academic

A Denial of Service DoS vulnerability exists in the file upload feature of binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this vulnerability by sending a payload with an...

6.5CVSS0.00671EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:10 a.m.3 views

CVE-2024-11033 Denial of Service (DoS) in binary-husky/gpt_academic

A Denial of Service DoS vulnerability exists in the file upload feature of binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this vulnerability by sending a payload with an...

6.5CVSS6.6AI score0.00671EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.6 views

CVE-2024-11033 Denial of Service (DoS) in binary-husky/gpt_academic

A Denial of Service DoS vulnerability exists in the file upload feature of binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this vulnerability by sending a payload with an...

6.5CVSS6.5AI score0.00671EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.46 views

CVE-2024-11033

CVE-2024-11033 affects binary-husky/gpt_academic v3.83, where the file upload feature mishandles form-data with an excessively large filename. Reported impact is a DoS, making the server unavailable for legitimate users due to resource exhaustion. The available connected documents confirm the aff...

6.5CVSS6.5AI score0.00671EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.5 views

CVE-2024-10819 CSRF to XSS in binary-husky/gpt_academic

A Cross-Site Request Forgery CSRF vulnerability in version 3.83 of binary-husky/gptacademic allows an attacker to trick a user into uploading files without their consent, exploiting their session. This can lead to unauthorized file uploads and potential system compromise. The uploaded file can...

7.1CVSS0.00223EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.20 views

CVE-2025-0183 Stored XSS in binary-husky/gpt_academic

A stored cross-site scripting XSS vulnerability exists in the Latex Proof-Reading Module of binary-husky/gptacademic version 3.9.0. This vulnerability allows an attacker to inject malicious scripts into the debuglog.html file generated by the module. When an admin visits this debug report, the...

5.4CVSS0.00363EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.8 views

CVE-2025-0183 Stored XSS in binary-husky/gpt_academic

A stored cross-site scripting XSS vulnerability exists in the Latex Proof-Reading Module of binary-husky/gptacademic version 3.9.0. This vulnerability allows an attacker to inject malicious scripts into the debuglog.html file generated by the module. When an admin visits this debug report, the...

5.4CVSS5.2AI score0.00363EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.55 views

CVE-2025-0183

CVE-2025-0183 describes a stored cross-site scripting (XSS) vulnerability in the Latex Proof-Reading Module of binary-husky/gpt_academic, version 3.9.0. The issue arises from insufficient filtering/escaping of user-supplied data, allowing an attacker to inject malicious scripts into the debug_log...

5.4CVSS5.5AI score0.00363EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.6 views

CVE-2024-12388 Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic

A vulnerability in binary-husky/gptacademic version 310122f allows for a Regular Expression Denial of Service ReDoS attack. The application uses a regular expression to parse user input, which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small...

6.5CVSS6.4AI score0.00671EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.7 views

CVE-2024-12388 Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic

A vulnerability in binary-husky/gptacademic version 310122f allows for a Regular Expression Denial of Service ReDoS attack. The application uses a regular expression to parse user input, which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small...

6.5CVSS0.00671EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.44 views

CVE-2024-12388

CVE-2024-12388 concerns a Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic (version 310122f). The vulnerability arises from a regex used to parse user input, whose matching time can grow polynomially for crafted inputs, potentially rendering the server unresponsive and un...

6.5CVSS6.4AI score0.00671EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/03/20 10:9 a.m.6 views

CVE-2024-11039 Deserialization of Untrusted Data in binary-husky/gpt_academic

A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...

8.8CVSS7.3AI score0.01837EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.7 views

CVE-2024-11039 Deserialization of Untrusted Data in binary-husky/gpt_academic

A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...

8.8CVSS0.01837EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.5 views

CVE-2024-11039 Deserialization of Untrusted Data in binary-husky/gpt_academic

A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...

8.8CVSS8.7AI score0.01837EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:9 a.m.47 views

CVE-2024-11039

CVE-2024-11039 affects binary-husky/gpt_academic

8.8CVSS8.7AI score0.01837EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/03/20 10:9 a.m.2 views

CVE-2024-10812 Open Redirect in binary-husky/gpt_academic

An open redirect vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the 'file' parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing...

6.1CVSS6.4AI score0.00574EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.10 views

CVE-2024-10812 Open Redirect in binary-husky/gpt_academic

An open redirect vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs when a user is redirected to a URL specified by user-controlled input in the 'file' parameter without proper validation or sanitization. This can be exploited by attackers to conduct phishing...

6.1CVSS0.00574EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:9 a.m.83 views

CVE-2024-10812

CVE-2024-10812 affects binary-husky/gpt_academic (v3.83) with an open redirect via the file parameter. The Nuclei template for GPT Academic v1.3.9 confirms the issue arises from user-controlled input that redirects to attacker-controlled URLs, enabling phishing, malware distribution, and credenti...

6.1CVSS6.2AI score0.00574EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder