38 matches found
CVE-2026-45396 Open WebUI: Mass Assignment via FeedbackForm extra=allow Allows Feedback User ID Spoofing and Evaluation Data Manipulation
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the POST /api/v1/evaluations/feedback endpoint in Open WebUI v0.9.2 is vulnerable to mass assignment via FeedbackForm, which uses modelconfig = ConfigDictextra='allow'. Due to an...
EUVD-2024-45479
Malicious code in bioql PyPI...
CVE-2024-51678
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcel Pol Elo Rating Shortcode elo-rating-shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through = 1.0.3...
CVE-2024-51678
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcel Pol Elo Rating Shortcode elo-rating-shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through = 1.0.3...
CVE-2024-51678
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Marcel Pol Elo Rating Shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through 1.0.3...
CVE-2024-51678 WordPress Elo Rating Shortcode plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcel Pol Elo Rating Shortcode elo-rating-shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through = 1.0.3...
CVE-2024-51678 WordPress Elo Rating Shortcode plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Marcel Pol Elo Rating Shortcode elo-rating-shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through = 1.0.3...
WordPress plugin Elo Rating Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-34823 · Marcel Pol · Elo Rating Shortcode
Name of the Vulnerable Software and Affected Versions: Elo Rating Shortcode versions 1.0.3 and earlier Elo Rating Shortcode versions prior to 1.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows...
WordPress Elo Rating Shortcode plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Elo Rating Shortcode versions = 1.0.3...
WordPress Elo Rating Shortcode Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Elo Rating Shortcode Type Plugin Vulnerable versions = 1.0.3 Fixed in 1.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51678 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d41ddd00b669 Credits theviper17 Required privilege...
kernel: memory leak in drivers/hid/hid-elo.c
A memory leak flaw was found in eloprobe in drivers/hid/hid-elo.c in the Human Interface Devices HID in the Linux kernel. This issue allows an attacker to cause a denial of service when hidparse in eloprobe fails...
SUSE CVE-2022-27950
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition...
kernel: memory leak in drivers/hid/hid-elo.c
A memory leak flaw was found in eloprobe in drivers/hid/hid-elo.c in the Human Interface Devices HID in the Linux kernel. This issue allows an attacker to cause a denial of service when hidparse in eloprobe fails...
IBM Engineering Lifecycle Optimization信息泄露漏洞
IBM Engineering Lifecycle Optimization ELO is an extension of the Engineering Lifecycle Management ELM product portfolio from IBM USA. They make it easier to collect and analyze data from across the development environment to make better decisions. Automate reporting to ensure the entire...
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11 a memory leak exists for a certain hid_parse error condition.
...
DEBIAN-CVE-2022-27950
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition...
CVE-2022-27950
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition...
CVE-2022-27950
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition...
UBUNTU-CVE-2022-27950
In drivers/hid/hid-elo.c in the Linux kernel before 5.16.11, a memory leak exists for a certain hidparse error condition...