18 matches found
CVE-2025-59159
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...
EUVD-2015-7255
Malware in sbrugna...
EUVD-2016-6653
Malware in sbrugna...
EUVD-2025-32552
SillyTavern Web Interface Vulnerable to DNS Rebinding...
CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...
CVE-2025-59159
SillyTavern’s web UI (prior to 1.13.4) is vulnerable to DNS rebinding, enabling attackers to read chats, inject HTML, install extensions, and execute phishing-style actions. The issue is mitigated in 1.13.4 by adding a host validation setting (hostWhitelist.enabled) in config.yaml or SILLYTAVERN_...
CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...
CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...
PT-2025-40903
Name of the Vulnerable Software and Affected Versions: SillyTavern versions prior to 1.13.4. Description: SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech models. The web user interface, in versions prior to...
EUVD-2024-32736
Malicious code in bioql PyPI...
CVE-2024-4177
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise...
CVE-2024-4177
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise...
Bitdefender GravityZone Update Server Security Vulnerability
Bitdefender GravityZone Update Server is a solution from Bitdefender Romania for managing and distributing update files on the Bitdefender GravityZone administrator console. A security vulnerability exists in Bitdefender GravityZone Update Server that stems from a problem with the host whitelist...
Apache Dubbo Code Issue Vulnerability
Apache Dubbo is a lightweight Java-based RPC (Remote Procedure Call) framework from the Apache Foundation (United States). The product provides interface-based remote calling, fault tolerance and load balancing, and automatic service registration and discovery. A security vulnerability exists in...
CVE-2016-5714
Puppet Enterprise 2015.3.3 and 2016.x before 2016.4.0, and Puppet Agent 1.3.6 through 1.7.0 allow remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on Puppet nodes via vectors related to command validation, aka "Puppet Execution Protocol PXP Command...
Design/Logic Flaw
Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol...
CVE-2015-7330
Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol...
CVE-2015-7330
Puppet Enterprise 2015.3 before 2015.3.1 is affected by CVE-2015-7330: a remote attacker can bypass the host whitelist protection mechanism by leveraging the Puppet communications protocol. The issue concerns the host-whitelist protection and is exploitable remotely via the Puppet communications ...