4 matches found
CVE-2025-53648
CVE-2025-53648 affects Gravitino UI prior to 1.0.0, where a SQL misconfiguration can allow a malicious user to read or truncate files. The vulnerability is triggered by improper SQL handling in the Gravitino UI, impacting versions 1.0.0 and earlier. Upgrading to version 1.0.0 (as recommended) fix...
PT-2024-23736 · Unknown · Anything-Llm
Name of the Vulnerable Software and Affected Versions: anything-llm versions prior to 1.0.0 Description: A remote code execution issue exists due to improper handling of environment variables. Attackers can exploit this by injecting arbitrary environment variables via the "POST...
PT-2022-18344 · Inhand Networks · Inrouter 900
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 900 Industrial 4G Router versions prior to 1.0.0.r11700 Description: A remote code execution issue was discovered in the ipsec secrets component. This issue can be triggered by a crafted packet, potentially allowing f...
PT-2018-3810 · Gnu +5 · Gnu Libcdio +5
Name of the Vulnerable Software and Affected Versions: GNU libcdio versions prior to 1.0.0 Description: The issue is related to the realloc symlink function in rock.c and is associated with pointer dereference errors. It can be exploited by remote attackers to cause a denial of service...