Lucene search
K

10 matches found

OSV
OSV
added 2026/05/14 8:17 p.m.10 views

GHSA-M8F9-9WHG-F4XR Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions

Summary The audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serves these files via FileResponse, which sets Content-Type from the on-disk extension and emits no...

8.7CVSS6.2AI score0.0018EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/11/26 12:0 a.m.6 views

FACTION 安全漏洞

Faction is an open source pen inspection report generation and evaluation collaboration framework from Faction Security. A security vulnerability exists in FACTION versions prior to 1.7.1 that stems from an extension execution path that allows untrusted extension code to execute arbitrary system...

9.8CVSS8.2AI score0.00591EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/05/24 12:0 a.m.40 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2017:1386-1)

This update for java-180-ibm fixes the following issues: Version update bsc1038505 : - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number -...

9.8CVSS6.9AI score0.07489EPSS
Exploits2References22
Tenable Nessus
Tenable Nessus
added 2017/05/24 12:0 a.m.44 views

SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2017:1384-1)

This update for java-170-ibm fixes the following issues: Version update to 7.0-10.5 bsc1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...

9.8CVSS6.9AI score0.07489EPSS
Exploits2References22
RedHat Linux
RedHat Linux
added 2017/05/10 12:44 p.m.6 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2017/05/09 10:46 a.m.6 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2017/04/24 11:16 a.m.5 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2017/04/24 11:16 a.m.6 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2017/04/21 2:10 a.m.6 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2017/04/20 7:27 p.m.4 views

OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)

An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges...

7.7CVSS7.3AI score0.00759EPSS
Exploits2References5
Rows per page
Query Builder