Lucene search
K

5 matches found

CVE
CVE
added 2025/03/20 10:10 a.m.53 views

CVE-2024-7034

Open WebUI 0.3.8 is affected by a directory traversal vulnerability in the /models/upload endpoint due to unsafe handling of file.filename, allowing arbitrary file writes outside the UPLOAD_DIR and potentially overwriting system files. This can lead to unauthorized modifications and may enable re...

7.2CVSS6.9AI score0.02458EPSS
Exploits1References1Affected Software1
Github Security Blog
Github Security Blog
added 2024/04/10 6:30 p.m.28 views

LocalAI Command Injection in audioToWav

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS8.1AI score0.02879EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/04/10 5:8 p.m.20 views

CVE-2024-2029 Command Injection in mudler/localai

A command injection vulnerability exists in the TranscriptEndpoint of mudler/localai, specifically within the audioToWav function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing the...

9.8CVSS6.2AI score0.02879EPSS
Exploits1References4
Zero Day Initiative
Zero Day Initiative
added 2016/07/01 12:0 a.m.42 views

Trihedral VTScada Filter Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trihedral VTScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Wireless Application Protocol requests. The issue lies in the failur...

5CVSS0.7AI score0.20104EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/01/24 12:0 a.m.36 views

[SA18579] OpenSSH scp Command Line Shell Command Injection

TITLE: OpenSSH scp Command Line Shell Command Injection SECUNIA ADVISORY ID: SA18579 VERIFY ADVISORY: http://secunia.com/advisories/18579/ CRITICAL: Not critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: OpenSSH 4.x http://secunia.com/product/5653/ OpenSSH 3.x...

0.9AI score
Exploits0
Rows per page
Query Builder