Lucene search
K

6 matches found

OSV
OSV
added 2024/06/27 7:15 p.m.12 views

PYSEC-2024-268

A Server-Side Request Forgery SSRF vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions = ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attackers to send crafted requests from the vulnerable server to internal or external resources, potential...

9.8CVSS7.1AI score0.00523EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/27 6:44 p.m.40 views

CVE-2024-5822 Server-Side Request Forgery (SSRF) in gaizhenbiao/ChuanhuChatGPT

A Server-Side Request Forgery SSRF vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions = ChuanhuChatGPT-20240410-git.zip. This vulnerability allows attackers to send crafted requests from the vulnerable server to internal or external resources, potential...

7.3CVSS0.00523EPSS
Exploits1References1
Prion
Prion
added 2023/06/07 6:15 p.m.15 views

Code injection

mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted...

6.5CVSS8.4AI score0.00979EPSS
Exploits0References3
Prion
Prion
added 2023/05/18 5:15 p.m.16 views

Design/Logic Flaw

OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dmsecurewriter. The binary has security controls in place preventing creation of a file in a...

4.3CVSS7.9AI score0.0028EPSS
Exploits1References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/12 6:5 p.m.36 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private - fluentd

Summary IBM Cloud Private fluentd component is vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-16396 DESCRIPTION: Ruby could allow a remote attacker to bypass security restrictions, caused by the failure to properly check security controls. By sending a...

10CVSS0.8AI score0.49268EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2018/11/14 12:0 a.m.54 views

Microsoft Windows Latest Servicing Stack Updates-Defense in Depth (KB4093430)

This host is missing an important security update according to Microsoft KB4093430. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

7.2AI score
Exploits0References2
Rows per page
Query Builder