Lucene search
+L

5 matches found

cve
cve
added 2025/03/20 10:10 a.m.56 views

CVE-2024-7034

Open WebUI open-webui has a documented vulnerability in version 0.3.8 where the /models/upload endpoint writes files arbitrarily due to using file_path = f"{UPLOAD_DIR}/{file.filename}" without input validation. This allows directory traversal via crafted file.filename to escape UPLOAD_DIR and ov...

6.9AI score0.02458EPSS
Exploits0
github
github
added 2024/04/10 6:30 p.m.28 views

LocalAI Command Injection in audioToWav

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS8.1AI score0.02879EPSS
Exploits1References4Affected Software1
osv
osv
added 2024/04/10 5:8 p.m.20 views

CVE-2024-2029 Command Injection in mudler/localai

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS6.2AI score0.02879EPSS
Exploits1References4
zdi
zdi
added 2016/07/01 12:0 a.m.42 views

Trihedral VTScada Filter Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trihedral VTScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Wireless Application Protocol requests. The issue lies in the failur...

5CVSS0.7AI score0.20104EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/01/24 12:0 a.m.37 views

[SA18579] OpenSSH scp Command Line Shell Command Injection

TITLE: OpenSSH scp Command Line Shell Command Injection SECUNIA ADVISORY ID: SA18579 VERIFY ADVISORY: http://secunia.com/advisories/18579/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: OpenSSH 4.x http://secunia.com/product/5653/ OpenSSH 3.x...

0.9AI score
Exploits0
Rows per page
Query Builder