6 matches found
EUVD-2025-7025
Malicious code in bioql PyPI...
EUVD-2023-12927
Malicious code in bioql PyPI...
CVE-2024-11441 Stored XSS in Serge in serge-chat/serge
A stored cross-site scripting XSS vulnerability exists in Serge version 0.9.0. The vulnerability is due to improper neutralization of input during web page generation in the chat prompt. An attacker can exploit this vulnerability by sending a crafted message containing malicious HTML/JavaScript...
CVE-2024-11441 Stored XSS in Serge in serge-chat/serge
A stored cross-site scripting XSS vulnerability exists in Serge version 0.9.0. The vulnerability is due to improper neutralization of input during web page generation in the chat prompt. An attacker can exploit this vulnerability by sending a crafted message containing malicious HTML/JavaScript...
ChatGPT-4o contains security bypass vulnerability through time and search functions called "Time Bandit"
Overview ChatGPT-4o contains a jailbreak vulnerability called "Time Bandit" that allows an attacker the ability to circumvent the safety guardrails of ChatGPT and instruct it to provide illicit or dangerous content. The jailbreak can be initiated in a variety of ways, but centrally requires the...
GNU GNU bash 1.14 - Path Embedded Code Execution
source: https://www.securityfocus.com/bid/119/info A vulnerability in bash may allow inadvertently running commands embedded in the path to the currently working directory. If an unsuspecting user enters a directory created by some malicious user with embedded commands, and their prompt PS1...