5 matches found
CVE-2025-51867
Insecure Direct Object Reference IDOR vulnerability in Deepfiction AI deepfiction.ai thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint...
CVE-2025-51867
Insecure Direct Object Reference IDOR vulnerability in Deepfiction AI deepfiction.ai thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint...
CVE-2025-51867
Insecure Direct Object Reference IDOR vulnerability in Deepfiction AI deepfiction.ai thru June 3, 2025, allowing attackers to chat with the LLM using other users' credits via sensitive information gained by the /browse/stories endpoint...
CVE-2025-51867
CVE-2025-51867 affects Deepfiction AI and is an Insecure Direct Object Reference (IDOR) vulnerability exploiting the /browse/stories endpoint to let an attacker chat with the LLM using other users’ credits. Root cause: improper access controls exposing sensitive information tied to user credits. ...
Apache Tomcat Remote Code Execution / Information Disclosure
This is the formal advisory from Apache regarding the recent partial PUT vulnerability that allows for potential remote code execution or information disclosure. Apache Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, and 9.0.0.M1 to 9.0.98 are affected. CVE-2025-24813 Potential RCE...