
78 matches found

CNNVD
added 2025/05/22 12:0 a.m. | 2 views

fc-stable-diffusion security vulnerability

fc-stable-diffusion is an open source tool from Serverless Devs Registry for deploying stable-diffusion to AliCloud Functional Computing. A security vulnerability exists in fc-stable-diffusion v1.0.18, which stems from improper privileges and could lead to elevated privileges and customer cloud...

CVSS 8.8 | AI score 6.7 | EPSS 0.00302
Exploits: 0 | References: 1

Vulnrichment
added 2025/05/22 12:0 a.m. | 5 views

CVE-2025-45468

Insecure permissions in fc-stable-diffusion-plus v1.0.18 allow attackers to escalate privileges and compromise the customer cloud account...

AI score 8.8 | EPSS 0.00302
Exploits: 0 | References: 1

CVE
added 2025/05/22 12:0 a.m. | 56 views

CVE-2025-45468

CVE-2025-45468 affects fc-stable-diffusion-plus v1.0.18, caused by insecure permissions that enable privilege escalation and potential compromise of the customer cloud account. CVSS 3.1 base score 8.8 (HIGH) with network attack vector, low attack complexity, and privileges required: LOW. Exploita...

CVSS 8.8 | AI score 6.8 | EPSS 0.00302
Exploits: 0 | References: 1 | Affected Software: 1

RedhatCVE
added 2025/03/22 1:16 p.m. | 9 views

CVE-2024-12374

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...

CVSS 6.1 | AI score 5.7 | EPSS 0.00394
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/22 1:14 p.m. | 7 views

CVE-2024-12074

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVSS 6.5 | AI score 6.9 | EPSS 0.00747
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/22 1:14 p.m. | 7 views

CVE-2024-12375

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system by sending a specially crafted request to the application...

CVSS 6.5 | AI score 6.7 | EPSS 0.00772
Exploits: 1 | References: 1

RedhatCVE
added 2025/03/22 12:52 p.m. | 12 views

CVE-2024-11044

An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This vulnerability can be exploited to conduct phishing attacks, distribute malware, and steal user...

CVSS 6.1 | AI score 7.1 | EPSS 0.00816
Exploits: 1 | References: 1

OSV
added 2025/03/20 10:15 a.m. | 4 views

CVE-2024-12374

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...

CVSS 6.1 | AI score 5.9 | EPSS 0.00394
Exploits: 1 | References: 1

NVD
added 2025/03/20 10:15 a.m. | 7 views

CVE-2024-12375

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system by sending a specially crafted request to the application...

CVSS 6.5 | EPSS 0.00772
Exploits: 1 | References: 1

OSV
added 2025/03/20 10:15 a.m. | 4 views

CVE-2024-12375

A local file inclusion vulnerability was identified in automatic1111/stable-diffusion-webui, affecting version git 82a973c. This vulnerability allows an attacker to read arbitrary files on the system by sending a specially crafted request to the application...

CVSS 6.5 | AI score 5.9 | EPSS 0.00772
Exploits: 1 | References: 1

NVD
added 2025/03/20 10:15 a.m. | 7 views

CVE-2024-12374

A stored cross-site scripting (XSS) vulnerability exists in automatic1111/stable-diffusion-webui version git 82a973c. An attacker can upload an HTML file, which the application interprets as content-type application/html. If a victim accesses the malicious link, it will execute arbitrary JavaScript...

CVSS 6.1 | EPSS 0.00394
Exploits: 1 | References: 1

OSV
added 2025/03/20 10:15 a.m. | 3 views

CVE-2024-12074

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVSS 6.5 | AI score 5.8 | EPSS 0.00747
Exploits: 1 | References: 1

OSV
added 2025/03/20 10:15 a.m. | 3 views

CVE-2024-11044

An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This vulnerability can be exploited to conduct phishing attacks, distribute malware, and steal user...

CVSS 6.1 | AI score 5.9 | EPSS 0.00816
Exploits: 1 | References: 1

NVD
added 2025/03/20 10:15 a.m. | 9 views

CVE-2024-11044

An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This vulnerability can be exploited to conduct phishing attacks, distribute malware, and steal user...

CVSS 6.1 | EPSS 0.00816
Exploits: 1 | References: 1

NVD
added 2025/03/20 10:15 a.m. | 7 views

CVE-2024-10935

automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive characters appended to the end of multipart boundaries. This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary,...

CVSS 7.5 | EPSS 0.00765
Exploits: 1 | References: 1

OSV
added 2025/03/20 10:15 a.m. | 4 views

CVE-2024-10935

automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive characters appended to the end of multipart boundaries. This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary,...

CVSS 7.5 | AI score 5.8 | EPSS 0.00765
Exploits: 1 | References: 1

Cvelist
added 2025/03/20 10:11 a.m. | 8 views

CVE-2024-12074 Denial of Service in automatic1111/stable-diffusion-webui

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVSS 6.5 | EPSS 0.00747
Exploits: 1 | References: 1

Vulnrichment
added 2025/03/20 10:11 a.m. | 5 views

CVE-2024-12074 Denial of Service in automatic1111/stable-diffusion-webui

A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...

CVSS 6.5 | AI score 6.5 | EPSS 0.00747
Exploits: 1 | References: 1

Cvelist
added 2025/03/20 10:10 a.m. | 28 views

CVE-2024-11045 Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows an attacker to clone a malicious server extension from a GitHub repository. The vulnerability arises from the lack of proper validation on WebSocket connections at...

CVSS 9.6 | EPSS 0.00375
Exploits: 1 | References: 1

CVE
added 2025/03/20 10:10 a.m. | 47 views

CVE-2024-11045

The CVE-2024-11045 CSWSH issue affects automatic1111/stable-diffusion-webui 1.10.0, where lack of validation for WebSocket connections at ws://127.0.0.1:7860/queue/join enables unauthorized actions such as cloning server extensions, running malicious scripts, data exfiltration, and potential DoS....

CVSS 9.6 | AI score 9 | EPSS 0.00375
Exploits: 1 | References: 1 | Affected Software: 1