Lucene search
K

10 matches found

NVD
NVD
added 2024/08/04 12:15 a.m.25 views

CVE-2024-6331

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...

7.5CVSS0.00496EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/08/04 12:0 a.m.14 views

CVE-2024-6331 Injection by Prompt Injection in stitionai/devika

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...

7.5CVSS6.7AI score0.00496EPSS
Exploits1References1
CVE
CVE
added 2024/08/04 12:0 a.m.37 views

CVE-2024-6331

CVE-2024-6331 affects stitionai/devika: Local File Read via Prompt Injection on the main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f. The issue stems from prompt-injection allowing execution of commands that can read sensitive files (e.g., /etc/passwd) due to HarmBlockThreshold.B...

7.5CVSS7.6AI score0.00496EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/08/04 12:0 a.m.30 views

CVE-2024-6331 Injection by Prompt Injection in stitionai/devika

stitionai/devika main branch as of commit cdfb782b0e634b773b10963c8034dc9207ba1f9f is vulnerable to Local File Read LFI by Prompt Injection. The integration of Google Gimini 1.0 Pro with HarmBlockThreshold.BLOCKNONE for HarmCategory.HARMCATEGORYHATESPEECH and HarmCategory.HARMCATEGORYHARASSMENT i...

7.5CVSS0.00496EPSS
Exploits1References1
NVD
NVD
added 2024/01/10 9:15 p.m.28 views

CVE-2023-51127

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...

7.5CVSS7.5AI score0.01254EPSS
Exploits0References1
Prion
Prion
added 2024/01/10 9:15 p.m.22 views

Directory traversal

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file...

5CVSS7.2AI score0.01254EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/10 12:0 a.m.35 views

CVE-2023-51127

FLIR AX8 thermal sensor cameras up to and including 1.46.16 are vulnerable to Directory Traversal due to improper access restriction. This vulnerability allows an unauthenticated, remote attacker to obtain arbitrary sensitive file contents by uploading a specially crafted symbolic link file. NOTE...

7.7AI score0.01254EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2020-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.2AI score0.0049EPSS
Exploits4References5
Mageia
Mageia
added 2020/12/29 11:57 a.m.43 views

Updated spice-vdagent package fixes security vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service CVE-2020-25650. Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS2.6AI score0.0049EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2020/11/05 12:0 a.m.33 views

Ubuntu 18.04 LTS / 20.04 LTS : SPICE vdagent vulnerabilities (USN-4617-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4617-1 advisory. Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issu...

6.4CVSS6.1AI score0.0049EPSS
Exploits4References5
Rows per page
Query Builder