EUVD-2020-19336

Malware in sbrugna...

CVE-2020-26800

A stack overflow vulnerability in Aleth Ethereum C++ client version = 1.8.0 using a specially crafted a config.json file may result in a denial of service...

CVE-2025-1550

CVE-2025-1550 concerns a vulnerability in Keras where the Model.load_model function can execute arbitrary code via a malicious .keras archive that alters config.json to load modules/functions with crafted arguments. The issue persists even with safe_mode enabled, enabling potential code execution...

CVE-2024-39688 fishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config function

Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is concatenated with other folders and used to open a new file in the generateconfig function, which leads to a limited file write. The issue allows for writing /config/config.json file in arbitra...

CVE-2024-2217 Improper Access Control in gaizhenbiao/chuanhuchatgpt

gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the config.json file. This vulnerability is present in both authenticated and unauthenticated versions of the application, enabling attackers to obtain sensitive information such as API keys...