Lucene search
+L

6 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-6913

Malicious code in bioql PyPI...

9.1CVSS9.3AI score0.00879EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/03/22 12:31 p.m.9 views

CVE-2024-7957

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the loadcredentials method, where user-controlled input for realmname and zuliprccontent is used to construct file paths and write file content...

9.1CVSS7AI score0.00879EPSS
Exploits0References1
nvd
nvd
added 2025/03/20 10:15 a.m.13 views

CVE-2024-7957

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the loadcredentials method, where user-controlled input for realmname and zuliprccontent is used to construct file paths and write file content...

9.1CVSS0.00879EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/03/20 10:10 a.m.7 views

CVE-2024-7957 Arbitrary File Overwrite in danswer-ai/danswer

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the loadcredentials method, where user-controlled input for realmname and zuliprccontent is used to construct file paths and write file content...

9.1CVSS9.2AI score0.00879EPSS
Exploits0References1
cvelist
cvelist
added 2025/03/20 10:10 a.m.16 views

CVE-2024-7957 Arbitrary File Overwrite in danswer-ai/danswer

An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the loadcredentials method, where user-controlled input for realmname and zuliprccontent is used to construct file paths and write file content...

9.1CVSS0.00879EPSS
Exploits0References1
cve
cve
added 2025/03/20 10:10 a.m.45 views

CVE-2024-7957

The CVE-2024-7957 entry describes an arbitrary file overwrite vulnerability in the ZulipConnector of danswer-ai/danswer. The root cause is in load_credentials where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write contents, enabling overwriting or...

9.1CVSS9.2AI score0.00879EPSS
Exploits0References1
Rows per page
Query Builder