Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 1:1 p.m.6 views

CVE-2024-9431

In version v0.0.14 of transformeroptimus/superagi, there is an improper privilege management vulnerability. After logging into the system, users can change the passwords of other users, leading to potential account takeover...

8.8CVSS7AI score0.00583EPSS
Exploits1References1
NVD
NVD
added 2025/03/20 10:15 a.m.7 views

CVE-2024-9437

SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service DoS attack. The vulnerability exists in the resource upload request, where appending characters, such as dashes -, to the end of a multipart boundary in an HTTP request causes the server to continuously process each...

7.5CVSS0.00765EPSS
Exploits1References1
NVD
NVD
added 2025/03/20 10:15 a.m.9 views

CVE-2024-12048

An IDOR Insecure Direct Object Reference vulnerability exists in transformeroptimus/superagi version v0.0.14. The application fails to properly check authorization for multiple API endpoints, allowing attackers to view, edit, and delete other users' information without proper authorization...

8.8CVSS0.00685EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/03/20 12:0 a.m.5 views

PT-2025-12282 · Unknown · Transformeroptimus/Superagi

Name of the Vulnerable Software and Affected Versions: transformeroptimus/superagi version v0.0.14 Description: The issue is related to improper privilege management. After logging into the system, users can change the passwords of other users, which could lead to account takeover. Recommendation...

8.8CVSS6.5AI score0.00583EPSS
Exploits1References5
Rows per page
Query Builder