Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:50 a.m.5 views

CVE-2024-6396

A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...

9.8CVSS9.7AI score0.53113EPSS
Exploits1References1
Circl
Circl
added 2024/07/12 2:41 a.m.238 views

CVE-2024-6396

creationtimestamp| type| source ---|---|--- 2024-07-12 02:41:34+00:00| seen| https://t.me/cvedetector/700 2025-02-01 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-01 2025-02-06 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilitie...

9.8CVSS7.3AI score0.53113EPSS
In wildExploits1References4
NVD
NVD
added 2024/07/12 12:15 a.m.12 views

CVE-2024-6396

A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...

9.8CVSS0.53113EPSS
Exploits1References1
CVE
CVE
added 2024/07/12 12:0 a.m.85 views

CVE-2024-6396

An vulnerability in the _backup_run function of aimhubio/aim 3.19.3 allows remote attackers to manipulate run_hash and repo.path to create/write arbitrary files on the host and exfiltrate data, with potential for denial of service, data loss, or remote code execution. Confirmed by connected sourc...

9.8CVSS9.8AI score0.53113EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder