Lucene search
K

5 matches found

OSV
OSV
added 2026/05/15 9:7 p.m.5 views

CVE-2026-45666 Open WebUI: Indirect Object Reference (IDOR) in user notes

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.11, the API /api/v1/notes/noteid endpoint lacks proper authorization checks, allowing authenticated users to retrieve notes belonging to other users by guessing or enumerating UUIDs. Th...

6.5CVSS6.6AI score0.00277EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4655

Malware in sbrugna...

7.5CVSS6.2AI score0.02348EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.7 views

PT-2024-31561 · Oracle +1 · Mysql Server +1

Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.10.0 Description: HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existi...

6.5CVSS7.1AI score0.00551EPSS
Exploits1References8
NVD
NVD
added 2014/07/24 2:55 p.m.32 views

CVE-2014-4736

SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...

7.5CVSS8.2AI score0.02348EPSS
Exploits3References4
Prion
Prion
added 2014/07/24 2:55 p.m.25 views

Sql injection

SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...

7.5CVSS9AI score0.02348EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder