3 matches found
CVE-2026-27482
CVE-2026-27482 affects Ray’s dashboard HTTP server. In versions 2.53.0 and below, DELETE endpoints are unauthenticated, and the server may be reachable on 0.0.0.0, enabling a browser-based request (DNS rebinding or same-network) to issue DELETE requests that shut down Serve or delete jobs without...
CVE-2020-6101
An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered fr...
CVE-2018-3885
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The orderby parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger thes...