20 matches found
EUVD-2025-10071
Malicious code in bioql PyPI...
EUVD-2025-10069
Malicious code in bioql PyPI...
EUVD-2025-10070
Malicious code in bioql PyPI...
CVE-2025-3412
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308. Affected is an unknown function of the file 2trainingplatform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the argument url leads to server-side reque...
CVE-2025-3410
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file trainingplatform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted...
CVE-2025-3412
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308. Affected is an unknown function of the file 2trainingplatform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the argument url leads to server-side reque...
CVE-2025-3412 mymagicpower AIAS InferController.java server-side request forgery
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308. Affected is an unknown function of the file 2trainingplatform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the argument url leads to server-side reque...
CVE-2025-3412
CVE-2025-3412 affects mymagicpower AIAS 20250308; the vulnerability lies in an unknown function within 2_training_platform/train-platform/src/main/java/top/aias/training/controller/InferController.java. Manipulating the url argument triggers server-side request forgery (SSRF) and can be exploited...
CVE-2025-3412 mymagicpower AIAS InferController.java server-side request forgery
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308. Affected is an unknown function of the file 2trainingplatform/train-platform/src/main/java/top/aias/training/controller/InferController.java. The manipulation of the argument url leads to server-side reque...
CVE-2025-3411
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308. This issue affects some unknown processing of the file 3apiplatform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the argument url leads to server-sid...
CVE-2025-3411
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308. This issue affects some unknown processing of the file 3apiplatform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the argument url leads to server-sid...
CVE-2025-3410
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file trainingplatform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted...
CVE-2025-3410
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file trainingplatform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted...
CVE-2025-3411
CVE-2025-3411 affects mymagicpower AIAS 20250308. The vulnerability resides in the file 3_api_platform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java, where manipulation of the url argument leads to a server-side request forgery (SSRF). The issue can be exploited remot...
CVE-2025-3411 mymagicpower AIAS AsrController.java server-side request forgery
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308. This issue affects some unknown processing of the file 3apiplatform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the argument url leads to server-sid...
CVE-2025-3411 mymagicpower AIAS AsrController.java server-side request forgery
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308. This issue affects some unknown processing of the file 3apiplatform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the argument url leads to server-sid...
CVE-2025-3410
The CVE-2025-3410 entry concerns mymagicpower AIAS 20250308. The flaw resides in the LocalStorageController.java path in training_platform, where improper handling of the File argument enables unrestricted file upload. Attack is network-based and can be executed remotely, with public disclosure o...
CVE-2025-3410 mymagicpower AIAS LocalStorageController.java unrestricted upload
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This vulnerability affects unknown code of the file trainingplatform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java. The manipulation of the argument File leads to unrestricted...
PT-2025-15354 · Unknown · Mymagicpower Aias
Name of the Vulnerable Software and Affected Versions: mymagicpower AIAS version 20250308 Description: A critical issue has been found in the processing of the file 3 api platform/api-platform/src/main/java/top/aias/platform/controller/AsrController.java. The manipulation of the url argument lead...
PT-2025-15353 · Unknown · Mymagicpower Aias
Name of the Vulnerable Software and Affected Versions: mymagicpower AIAS 20250308 Description: A critical issue was found in the code of the file training platform/train-platform/src/main/java/top/aias/training/controller/LocalStorageController.java, affecting the File argument. This allows for...