938 matches found
CVE-2024-7038 Information Disclosure in open-webui/open-webui
An information disclosure vulnerability exists in open-webui version 0.3.8. The vulnerability is related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different error messages based on the existenc...
PT-2024-38040 · Unknown · Open-Webui
Name of the Vulnerable Software and Affected Versions: open-webui version 0.3.8 Description: An information disclosure issue exists related to the embedding model update feature under admin settings. When a user updates the model path, the system checks if the file exists and provides different...
CVE-2024-45291 Path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled in PHPSpreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedImages(true);` those files will be included in th...
CVE-2024-45291
PHPSpreadsheet (PHPSpreadsheet) contains a path traversal/SSRF (Server-Side Request Forgery) vulnerability in the HTML writer when embedImages is enabled. An XLSX can link images from arbitrary paths; output data: URLs may include local files and, with wrappers like expect://, enable remote reques...
Absolute Path Traversal
Overview Affected versions of this package are vulnerable to Absolute Path Traversal via the HTML writer process when embedding images. An attacker can read arbitrary files on the server and perform arbitrary HTTP GET requests by constructing an XLSX file that links images from arbitrary paths or...
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled
Summary It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedImages(true);` those files will be included in the output as data: URLs, regardless of the file's type. Also URLs can be...
PT-2024-31544
Name of the Vulnerable Software and Affected Versions PHPSpreadsheet versions prior to 1.29.2 PHPSpreadsheet versions prior to 2.1.1 PHPSpreadsheet versions prior to 2.3.0 Description The issue allows an attacker to construct an XLSX file that links images from arbitrary paths. When embedding...
A vulnerability in the OLE DB driver for SQL Server on Windows operating systems arises from insufficient validation of input data and allows an attacker to escalate privileges.
The vulnerability in the OLE DB driver for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to escalate their privileges...
PT-2024-6305 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to insufficient input validation in the OLE DB driver for SQL Server on Windows operating systems. This can be exploited by a remote attacker to disclose...
PT-2024-36078 · WordPress · Gutentor
Name of the Vulnerable Software and Affected Versions: Gutentor WordPress plugin versions prior to 3.3.6 Description: The issue concerns the Gutentor WordPress plugin, which does not validate and escape some of its block options before outputting them back in a page or post where the block is...
nodejs: Bypass network import restriction via data URL
A flaw was found in the Node.js package. By embedding non-network imports in data URLs, this flaw allows an attacker to execute arbitrary code, compromising system security...
A vulnerability in the Windows OLE operating system component allows an attacker to execute arbitrary code.
The vulnerability in the Windows OLE operating system component is a heap-based buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2024-38152
Windows OLE Remote Code Execution Vulnerability...
PT-2024-5708 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in the "heap" of the Windows OLE component, which can be exploited to execute arbitrary code. This allows remote attackers to affect the system...
Microsoft OLE Security Vulnerability
Microsoft OLE is an object-oriented technology from Microsoft Corporation (USA). A security vulnerability exists in Microsoft OLE. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected: Windows 10 Version 1809 for 32-bit Systems, Windo...
The vulnerability of the OLE DB driver for SQL Server, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server is related to buffer overflow in the “heap”. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the OLE DB driver for SQL Server, related to integer overflow, allows an attacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the OLE DB driver for SQL Server, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server is related to buffer overflow in the “heap”. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the OLE DB driver for SQL Server, related to the use of memory after it is freed, allows a hacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the OLE DB driver for SQL Server, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the OLE DB driver for SQL Server is related to buffer overflow in the “heap”. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remotely...