Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

AMD Graphics Driver 数据伪造问题漏洞

AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver has a vulnerability related to data manipulation, stemming from improper encryption signature verification. This vulnerability may allow malicious files placed in the...

7CVSS6AI score0.00082EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

AMD Graphics Driver 缓冲区错误漏洞

The AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver has a buffer error vulnerability, which stems from improper restrictions on memory buffer operations. This vulnerability may allow attackers to read from or write to...

8.8CVSS6.3AI score0.00104EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

WordPress plugin FOX Currency Switcher Professional for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

AMD Chipset 安全漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities, which stem from incorrect default permissions in the installation directory. This could allow attackers to gain elevated privileges, leading to arbitrary code...

8.5CVSS6.1AI score0.00105EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

WordPress plugin Advanced Custom Fields: Font Awesome 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00274EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

MCP Calculate Server 代码注入漏洞

MCP Calculate Server is a mathematical calculation service tool developed by 611711Dark, based on the MCP protocol. Versions of MCP Calculate Server prior to 0.1.1 contained a code injection vulnerability. This vulnerability arose from the use of eval to evaluate mathematical expressions without...

9.8CVSS6.2AI score0.00478EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

BlueNoteMKVI PHP Timeclock 跨站脚本漏洞

BlueNoteMKVI PHP Timeclock is an employee attendance and working hours recording system developed by BlueNoteMKVI company, based on PHP and MySQL. Version 1.04 of PHP Timeclock contains a cross-site scripting vulnerability. This vulnerability stems from multiple cross-site scripting issues,...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.16 views

AMD Graphics Driver 代码问题漏洞

AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. There are code vulnerabilities in AMD Graphics Driver, which stem from DLL hijacking. These vulnerabilities may allow attackers to gain elevated privileges and execute arbitrary code...

7.8CVSS6.1AI score0.00119EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 had a cross-site scripting vulnerability. This vulnerability stemmed from a recursive entity decoding limit of 5 times in SvgSanitizer::decodeAllEntities, allowing users with...

5.4CVSS5.9AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.11 contained a security vulnerability. This vulnerability stemmed from the lack of authorization checks on the API endpoint/api/v1/notes/noteid, allowing...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.15 views

Open WebUI 信息泄露漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.9 contained a vulnerability related to information leakage. This vulnerability occurred when non-administrator users logged in, causing the application to send...

6.5CVSS5.8AI score0.00281EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.20 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.8.6 contained security vulnerabilities. These vulnerabilities stemmed from the chat completion API, where tool IDs and server parameters were provided by users witho...

7.1CVSS5.8AI score0.0026EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.5.11 have code vulnerabilities. These vulnerabilities stem from the PDF export feature, where user input is interpreted as HTML and embedded in PDFs. Additionally,...

5.4CVSS5.9AI score0.00186EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.15 views

Open WebUI 授权问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.5.7 had an authorization issue vulnerability. This vulnerability stems from the ability for users to change access permissions during editing, potentially leading to...

6.5CVSS5.8AI score0.00226EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.3 had a cross-site scripting vulnerability. This vulnerability stemmed from the XLSX.utils.sheettohtml function, which was rendered using @html excelHtml without...

5.4CVSS5.6AI score0.00209EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 输入验证错误漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Prior to Open WebUI 0.9.3, there was a vulnerability related to input validation errors. This vulnerability stemmed from the image upload feature’s cross-site request forgeing mechanism, which could...

4.6CVSS5.7AI score0.00165EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.3 had a cross-site scripting vulnerability. This vulnerability stemmed from the audio transcription upload endpoint, which extracted the file extension from the...

8.7CVSS5.7AI score0.0018EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.3 contained a security vulnerability. This vulnerability stemmed from the channel webhook creation/update process accepting arbitrary profileimageurl values,...

7.4CVSS6AI score0.00212EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 跨站脚本漏洞

Open WebUI is an open-source, scalable, feature-rich, and user-friendly self-hosted WebUI. Versions of Open WebUI prior to 0.6.5 had a cross-site scripting vulnerability. This vulnerability stemmed from HTML rendering views that allowed script injection and execution, potentially leading to...

7.7CVSS5.7AI score0.00217EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 访问控制错误漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.3.16 contained a access control vulnerability. This vulnerability stemmed from the lack of permission checks for file-related API endpoints, which could allow any...

8.1CVSS5.8AI score0.00273EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.8.6 contained security vulnerabilities. These vulnerabilities stemmed from the standard channel endpoint: POST /api/v1/channels/channelid/messages/messageid/update...

6.5CVSS5.8AI score0.00277EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.9 views

Open WebUI 安全漏洞

Open WebUI is an open-source, scalable, feature-rich, and user-friendly self-hosted WebUI. Versions of Open WebUI prior to 0.6.19 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent authorization controls in the memory API, allowing standard users to delete, restor...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 路径遍历漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained a path traversal vulnerability. This vulnerability occurred when files were attached in messages, where the file names originated from the original...

9.8CVSS5.8AI score0.00336EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained security vulnerabilities. These vulnerabilities stemmed from APIs that did not properly verify whether the user had the authorized user role. When...

7.3CVSS5.8AI score0.0023EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 路径遍历漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.6.10 had a path traversal vulnerability. This vulnerability arises when uploading audio files, where the file name originates from the original HTTP upload request a...

8.1CVSS5.8AI score0.00454EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.8.0 had a cross-site scripting vulnerability. This vulnerability stemmed from the insecure preview of Excel file attachments. The specially crafted XLSX file paylo...

8.7CVSS5.7AI score0.00318EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.15 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.6.19 contained security vulnerabilities. These vulnerabilities stemmed from the IDOR in the channel message management system, allowing authenticated users to modify...

7.1CVSS5.8AI score0.00266EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from multiple endpoints accepting file IDs provided by users without verifying ownership,...

8.1CVSS5.8AI score0.00346EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.5 had code issues and vulnerabilities, which were caused by parsing differences between the urlparse and requests libraries, leading to SSRF bypasses...

8.5CVSS5.9AI score0.00292EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the collectionaccess verification function not checking the knowledge base collection. As ...

7.5CVSS5.8AI score0.00331EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 had code vulnerabilities. These vulnerabilities stemmed from the validateurl function, which only verified the initial URL without verifying the redirection...

8.5CVSS5.9AI score0.003EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 访问控制错误漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained a security vulnerability related to access control. This vulnerability stemmed from the lack of authentication for the GET /api/v1/retrieval endpoint,...

5.3CVSS5.8AI score0.0072EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the “fix” or “unfix” operations were write operations, but only read...

4.3CVSS5.8AI score0.00204EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 信息泄露漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 had a vulnerability related to information leakage. This vulnerability occurred when group members were granted read access to model settings, allowing them to...

4.3CVSS5.8AI score0.0022EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from insecure direct object reference vulnerabilities in the channel functionality. The...

4.3CVSS5.8AI score0.00204EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under the open source Open WebUI project. Versions of Open WebUI prior to 0.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the POST /api/v1/evaluations/feedback endpoint, which had a batch...

5.4CVSS5.8AI score0.00307EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.16 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-xss attacks, which could allow users with model creation permissions to...

7.3CVSS7.4AI score0.00308EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.13 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization checks in the GET /api/tasks and POST /api/tasks/stop/taskid...

7.1CVSS5.8AI score0.0027EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained a security vulnerability. This vulnerability stemmed from the unconditional authorization check for the DELETE /api/v1/files/id endpoint, allowing...

8CVSS5.8AI score0.0027EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the ability for users to continue a conversation with another user through...

7.1CVSS5.8AI score0.00231EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 had code vulnerabilities. These vulnerabilities stemmed from the validators.ipv6 function in validateurl, which did not implement the private keyword for IPv6. A...

8.5CVSS5.9AI score0.00286EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 跨站脚本漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 had a cross-site scripting vulnerability. This vulnerability stemmed from the AccountPending.svelte component using marked.parse to render...

4.8CVSS5.7AI score0.0017EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.12 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the getsourcesfromitems function, where the execution vectors for paths containing a bare...

6.5CVSS6AI score0.00366EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 安全漏洞

Open WebUI is an open-source, scalable, feature-rich, and user-friendly self-hosted WebUI. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the POST /api/v1/models/import endpoint, which allowed users with the workspace.models.import...

6.5CVSS5.8AI score0.0029EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the GET /api/v1/channels/id/members endpoint, which only checked group and DM channel type...

4.3CVSS5.8AI score0.00221EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.16 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the router not calling filterallowedaccessgrants during path creation or updates...

5.4CVSS5.9AI score0.0019EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the model combination feature: the access control pipeline only verified users’ access...

7.6CVSS5.9AI score0.00248EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under the open source Open WebUI project. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the POST /api/v1/retrieval/process/web endpoint accepting parameter...

8.1CVSS5.8AI score0.00295EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.14 views

Open WebUI 代码问题漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI under open source. Versions of Open WebUI prior to 0.9.0 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of proper handling when managing role changes or deleting users, which resulted in...

8.1CVSS5.8AI score0.00284EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of prefixes for the toolservers and terminalservers keys in the utils/tools.py...

8.7CVSS5.8AI score0.00305EPSS
Exploits1References2
Total number of security vulnerabilities195539