8834 matches found
F5 BIG-IP Security Vulnerabilities
F5 BIG-IP is an application delivery platform from F5 Corporation that integrates network traffic management, application security management, load balancing, and other features. A security vulnerability exists in F5 BIG-IP that originates from a Traffic Management Microkernel (TMM) termination...
Gradio Path Traversal vulnerability
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
PYSEC-2024-261
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
Cross-site request forgery (CSRF)
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
CVE-2024-0964
CVE-2024-0964 describes a local-file-inclusion vulnerability in Gradio caused by a vulnerable user-supplied JSON value in an API request. Affected software is the Gradio Python library (noted in multiple sources referencing gradio-app/gradio). The underlying issue is a path traversal/LFI risk tri...
CVE-2024-0964 LFI in Gradio
A local file include could be remotely triggered in Gradio due to a vulnerable user-supplied JSON value in an API request...
Use After Free
Overview: nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Use After Free via the xmlTextReader module. An attacker can cause denial of service by processing crafted XML documents with DTD validation and XInclude expansion enabled...
PT-2024-15944
Name of the Vulnerable Software and Affected Versions: Gradio (affected versions not specified). Description: A local file include could be remotely triggered due to a vulnerable user-supplied JSON value in an API request. This issue allows for the potential inclusion of local files, which could lead ...
libxml2 Security Vulnerabilities
libxml2 is an open source library used to parse XML documents. It is written in C and can be called from many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 prior to version 2.11.7 and version 2.12.x prior to version 2.12.5, which stems from the fact that when using the...
CVE-2024-0945
A vulnerability classified as critical has been found in 60IndexPage up to 1.8.5. This affects an unknown part of the file /include/file.php of the component Parameter Handler. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotel...
Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getObjWGFServiceApiByApiName function. The issue results from the lack of prope...
SUSE CVE-2023-49084
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the...
CVE-2023-6971
The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of...
DEBIAN-CVE-2023-49084
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the...
CVE-2023-49084
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the...
UBUNTU-CVE-2023-49084
Cacti is a robust performance and fault management framework and a frontend to RRDTool, a Time Series Database (TSDB). While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the...
Cacti security breach
Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data through snmpget, uses RRDtool to draw graphs for analysis, and provides data and user management features. A security vulnerability exists in Cacti versions prior to 1.2.26,...