CVE-2009-10006 UFO: Alien Invasion <= 2.2.1 IRC Client Buffer Overflow

UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply specifically a 001 message, the application fails to properly validate the length of...

CVE-2024-8251

A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection. The issue exists in the API endpoint "/embed/:embedId/stream-chat" where user-provided JSON is directly taken to the Prisma library's where clause. An attacker can exploit this by providing a special...

CVE-2024-8251 Prisma Injection in mintplex-labs/anything-llm

A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection. The issue exists in the API endpoint "/embed/:embedId/stream-chat" where user-provided JSON is directly taken to the Prisma library's where clause. An attacker can exploit this by providing a special...

CVE-2024-8251

CVE-2024-8251 affects mintplex-labs/anything-llm prior to version 1.2.2. The vulnerability resides in the API endpoint "/embed/:embedId/stream-chat" where user-provided JSON is passed directly to the Prisma where clause, enabling Prisma injection. An attacker can supply crafted JSON such as {"ses...