CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

OSV•added 2025/02/06 5:15 p.m.•1 views

CVE-2024-39272

A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can lead to an arbitrary html code. An attacker can send a series of HTTP requests to trigger this vulnerability...

8.2CVSS5.8AI score

Exploits0References2

Vulnrichment•added 2025/02/06 4:47 p.m.•5 views

CVE-2024-39272

9CVSS8.7AI score0.00635EPSS

Exploits0References1

Positive Technologies•added 2025/02/06 12:0 a.m.•3 views

PT-2025-5836 · Unknown · Clearml Enterprise Server

Name of the Vulnerable Software and Affected Versions: ClearML Enterprise Server version 3.22.5-1533 Description: A cross-site scripting XSS issue exists in the dataset upload functionality. A specially crafted HTTP request can lead to arbitrary HTML code execution. An attacker can send a series ...

9CVSS6AI score0.00635EPSS

Exploits0References5

Talos•added 2025/02/06 12:0 a.m.•4 views

ClearML dataset upload XSS vulnerability

Talos Vulnerability Report TALOS-2024-2110 ClearML dataset upload XSS vulnerability February 6, 2025 CVE Number CVE-2024-39272 SUMMARY A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can...

9CVSS5.5AI score0.00635EPSS

Exploits0

Positive Technologies•added 2024/02/06 12:0 a.m.•2 views

PT-2024-20473 · Allegro Ai · Clearml

Name of the Vulnerable Software and Affected Versions: Allegro AI's ClearML platform versions 1.4.0 through 1.14.1 Description: A path traversal vulnerability in the client SDK of Allegro AI's ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary...

8.8CVSS8.6AI score0.00529EPSS

Exploits1References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by