Lucene search
K
HuntrMost viewed

4072 matches found

Huntr
Huntr
added 2021/05/03 8:8 a.m.9 views

Command Injection in sofianehamlaoui/lockdoor-framework

✍️ Description Command injection occurs due to lack of sanitization of input passed to the os.system command usage in the package. as the package runs only as root every command processed inside the package system command will be running with root privileges , so every command passed via simple...

2.3AI score
Exploits0References1
Huntr
Huntr
added 2021/02/14 12:0 a.m.9 views

Code Injection in adobe/ops-cli

Description ops-cli is a wrapper for Terraform, Ansible, Helmfile and SSH for cloud automation , which is vulnerable to Arbitary Code Execution. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of Concept Installation bash pip install ops-cli Run exploit.py...

1.8AI score
Exploits0References1
Huntr
Huntr
added 2021/01/28 12:0 a.m.9 views

Code Injection in tensorflow/tfx

Description TensorFlow Extended TFX is a Google-production-scale machine learning platform based on TensorFlow. It provides a configuration framework to express ML pipelines consisting of TFX components. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of...

2.5AI score
Exploits0References1
Huntr
Huntr
added 2021/01/26 12:0 a.m.9 views

Prototype Pollution in yomguithereal/baobab

Description baobab is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: javascript // poc.js const Baobab = require'baobab'; console.log'Before: ' + .polluted tree = new Baobab tree.deepMergeJSON.parse'"proto": "polluted": true' console.log'After: ' + .polluted...

1.7AI score
Exploits0
Huntr
Huntr
added 2020/12/21 12:0 a.m.9 views

Prototype Pollution in bonnevoyager/nested-objects-util

Description nested-objects-util is vulnerable to Prototype Pollution. Proof of Concept 1. Create the following PoC file: // poc.js var unflatten = require"nested-objects-util" console.log"Before : " + .polluted; unflatten"proto.polluted": "Yes! Its Polluted" console.log"After : " + .polluted; 2...

2.1AI score
Exploits0
Huntr
Huntr
added 2020/10/23 12:0 a.m.9 views

Prototype Pollution in coderaiser/nessy

Description nessy is vulnerable to Prototype Pollution. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var nessy = require"nessy" var obj = console.log"Before : " +...

1.8AI score
Exploits0
Huntr
Huntr
added 2020/09/13 12:0 a.m.9 views

Cross-site Scripting (XSS) - Generic in jsdecena/laracom

Description LaracomLaravel FREE E-Commerce Software this package is vulnerable to Stored Cross-Site Scripting XSS. https://github.com/jsdecena/laracom Steps To Reproduce-: 1 install https://github.com/jsdecena/laracom locally or https://shop.laracom.net/ use demo 2 in search bar enter javascript...

4.3CVSS0.3AI score0.00875EPSS
Exploits1References1
Huntr
Huntr
added 2026/03/22 1:8 a.m.8 views

Arbitrary Code Execution via LossNode importlib.import_module() Before audit_tree() Trust Check

Arbitrary Code Execution via LossNode Import Before Audit — Trust Check Bypass Summary The LossNode.init method in skops/io/sklearn.py calls gettype, which invokes importlib.importmodule with attacker-controlled module and class names from the .skops file's schema.json. This import occurs during...

6.5AI score
Exploits0
Huntr
Huntr
added 2026/03/19 3:40 p.m.8 views

Unsafe cloudpickle.loads() and eval() in Callables Enable RCE via Malicious Task Payloads

This report is not public...

5.3AI score
Exploits0
Huntr
Huntr
added 2026/03/14 6:44 p.m.8 views

Decompression bomb bypass via negative max_length in streaming API (incomplete fix for CVE-2025-66471)

Description The fix for CVE-2025-66471 in urllib3 2.6.0 added maxlength support to all decoders to prevent decompression bombs when using the streaming API. However, three independent code paths in response.py bypass this protection in urllib3 2.6.3 latest. Bypass 1 — Negative maxlength from buff...

8.9CVSS6.2AI score0.00633EPSS
Exploits0
Huntr
Huntr
added 2026/03/05 1:20 p.m.8 views

NLTK Data Module - Arbitrary File Read via Dead Security Check

This report is not public...

5.3AI score
Exploits0
Huntr
Huntr
added 2026/01/14 7:2 p.m.8 views

Uncontrolled Recursion in NLTK StupidBackoff Language Model Allows Denial of Service

This report is not public...

5.3AI score
Exploits0
Huntr
Huntr
added 2025/12/08 9:27 a.m.8 views

MLflow SageMaker Command Injection Vulnerability

Description The vulnerability exists in /mlflow/sagemaker/init.py at lines 161-167, where user-supplied container image names are directly interpolated into shell commands without proper sanitization before being passed to os.system. Vulnerable Code Path : CLI Input --container parameter ↓...

8.8CVSS7.5AI score0.01456EPSS
Exploits1
Huntr
Huntr
added 2025/10/07 8:15 a.m.8 views

MLFlow server is exposed to data exfiltration and destruction due to lack of Origin validation

The MLFlow REST server is vulnerable to DNS rebinding attacks, allowing malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. Once rebinding is successful, the attacker can: Query for experiments via the 2.0/mlflow/experiments/search...

8.1CVSS6AI score0.00193EPSS
Exploits1
Huntr
Huntr
added 2025/08/01 11:42 p.m.8 views

Denial of Service via Unbounded parameter values

Description The /api/memories endpoint in the LibreChat application is found to be accepting arbitrarily large values for the key and value parameters. These inputs are not being properly validated or restricted in terms of maximum allowed character length. When an input containing more than 100...

7.5CVSS6.1AI score0.00313EPSS
Exploits1
Huntr
Huntr
added 2025/07/03 12:4 p.m.8 views

Dependacy chain attack through hijacking broken github repository at https://github.com/huggingface/transformers/blob/main/src/\ntransformers/models/fuyu/\nconvert_fuyu_model_weights_to_hf.py

Description Type: Dependency Chain Attack through hijacking broken github repository Risk: High Allows arbitrary code execution in model conversion workflows Affected Asset: https://github.com/adept-ai-labs/adept-inference Broken URL in Hugging Face Transformers Root Cause The Hugging Face...

6.5AI score
Exploits0
Huntr
Huntr
added 2025/07/01 5:58 p.m.8 views

LangChain HTMLSectionSplitter – XXE caused by unsafe XSLT parsing

This report is not public...

7.5CVSS6.9AI score0.00604EPSS
Exploits0
Huntr
Huntr
added 2025/06/30 9:0 a.m.8 views

Path traversal, lead to remote code execution

Description In zenml's PathMaterializer class, the load function uses ispathwithindirectory to validate files during data.tar.gz extraction. While this prevents path traversal vulnerabilities, it fails to effectively detect symbolic and hard links. with tarfile.openarchivepathlocal, "r:gz" as tar...

7.8CVSS6.5AI score0.00334EPSS
Exploits1
Huntr
Huntr
added 2025/06/25 6:25 a.m.8 views

SSRF in MLflow via user-controlled gateway_path parameter

Description A Server-Side Request Forgery SSRF vulnerability exists in the gatewayproxyhandler function of MLflow. This function accepts a user-controlled gatewaypath parameter and concatenates it directly with a targeturi, allowing an attacker to control the full outbound HTTP request path from...

5.8CVSS7.1AI score0.0037EPSS
Exploits0
Huntr
Huntr
added 2025/06/18 1:10 p.m.8 views

Path Traversal in Tokenizer Conversion Script

The script for converting slow tokenizers is vulnerable to a Path Traversal attack via the --checkpointname command-line argument. This allows an attacker to create files outside of the intended dumppath directory. Vulnerable Code Location: The vulnerability is located in the logic for converting...

6.3AI score
Exploits0
Huntr
Huntr
added 2025/06/14 6:41 p.m.8 views

Brotli decompression bomb DoS

This report is not public...

7.5CVSS6.9AI score0.00509EPSS
Exploits0
Huntr
Huntr
added 2025/06/13 8:33 a.m.8 views

Full system file read and delete via GET /api/v1/images/download/{bulk_download_item_name}

Description For invokeai version v6.0.0a1 and below, there is an endpoint for bulk downloading zip file. With some manipulation of the filename arguments, attacker can read and also delete any files on the server through this endpoint. P/S: Tested on Windows Proof of Concept Request: GET...

9.8CVSS7AI score0.00353EPSS
Exploits0
Huntr
Huntr
added 2025/05/30 8:7 a.m.8 views

langchain-community: Sensitive Information Disclosure Due to Insecure XML Parsing in EverNoteLoader

This report is not public...

7.5CVSS7AI score0.01531EPSS
Exploits0
Huntr
Huntr
added 2025/05/27 3:2 p.m.8 views

Denial of Service(DOS) in JSONReader

Description There exists a denial of service vulnerabilityDOS that occurs by python hitting max recursion depth while parsing a deeply nested json file using JSONReader. Vulnerable piece of code...

8.6CVSS7.1AI score0.0026EPSS
Exploits0
Huntr
Huntr
added 2025/04/04 1:4 p.m.8 views

MD5 Hash Collision in DocugamiReader Overwrites Structurally Distinct Chunks with Identical Text

Description The DocugamiReader class in llamaindex retrieves structured XML documents from the Docugami API, parses them into semantic chunks, and converts them into Document objects. To assign consistent IDs to each chunk, the following logic is used: hashedid =...

6.5CVSS7.2AI score0.00314EPSS
Exploits1
Huntr
Huntr
added 2025/03/25 8:42 p.m.8 views

SSRF Vulnerability in RequestsToolkit in langchain-community in langchain-ai/langchain

Description Vulnerability Description RequestsToolkit enables AI agents to perform HTTP requests GET, POST, PATCH, PUT, DELETE via LangChain workflows. However, a Server-Side Request Forgery SSRF vulnerability exists in the RequestToolkit component of the langchain-community package specifically,...

10CVSS6.9AI score0.14059EPSS
Exploits1
Huntr
Huntr
added 2025/03/07 7:49 p.m.8 views

Regular expression Denial of Service - ReDoS

Description The regex defined in the variable SETTINGRE contains repetition groups and non-optimized quantifiers, which can lead to exponential backtracking when receiving "almost matching" payloads. This may degrade the application's performance or even cause a denial-of-service DoS when...

7.5CVSS7.2AI score0.0043EPSS
Exploits1
Huntr
Huntr
added 2025/02/27 9:33 a.m.8 views

Command injection in LLama-Index CLI

Description There is an OS command injection vulnerability in the LLama-Index CLI. Because of pasting the --files argument directly into os.system, an attacker who controls the content of this argument can inject shell commands. The vulnerability was marked as "Local" in the CVSS rating because t...

7.8CVSS8.7AI score0.0103EPSS
Exploits1
Huntr
Huntr
added 2024/11/19 4:56 p.m.8 views

Admin Able to Create User Without Setting a Password

Description The application allows an admin to create a new user account without assigning a password. This could lead to security vulnerabilities, or the system might inadvertently create an account with a default or blank password, making it susceptible to unauthorized access. Proof of Concept ...

5.5CVSS7.2AI score0.00336EPSS
Exploits1
Huntr
Huntr
added 2024/11/12 10:24 a.m.8 views

SQL Injection in default_jsonalyzer via prompt injection leads to arbitrary file creation

Target Link Description defaultjsonalyzer function used in JSONalyzeQueryEngine execute a sqlite query that llm made. If the attacker control the sqlite query with prompt injection and execute a malicious sqlite query, then Denial-of-Service attack and arbitrary file creation is possible. Root...

7.1CVSS7.3AI score0.00478EPSS
Exploits1
Huntr
Huntr
added 2024/11/11 7:53 a.m.8 views

Exception unhandled, lead to server crash

Description In node js express, if exception is uncaught, the server will crash. fs module sometimes throw exception when dealing with file upload. Unauth user can send something to the server trigger the exception lead to server crash. Proof of Concept import requests import random import string...

7.5CVSS7.7AI score0.00864EPSS
Exploits1
Huntr
Huntr
added 2024/11/06 4:56 p.m.8 views

A malicious gguf model can lead to DoS due to unchecked null pointer dereference via network

This report is not public...

7.5CVSS9.4AI score0.00648EPSS
Exploits1
Huntr
Huntr
added 2024/11/04 7:10 p.m.8 views

Read from host file system via ImagePromptTemplate in langchain-core

Description You can create langchaincore.prompts.ImagePromptTemplate's and by extension the langchaincore.prompts.ChatPromptTemplate's with input variables that make it possible for the prompt template to read any user-specified path from the server file system. If the outputs of the prompt...

5.3CVSS5.4AI score0.00366EPSS
Exploits0
Huntr
Huntr
added 2024/11/02 11:49 p.m.8 views

Denial of service through tracking and requesting Aim objects through web API

This report is not public...

7.5CVSS7.1AI score0.0059EPSS
Exploits1
Huntr
Huntr
added 2024/11/01 1:30 a.m.8 views

Server Side Request Forgery(SSRF) on WordExtractor in langgenius/dify

Summary The vulnerability occurs when uploading DOCX files in the "Create Knowledge" section. If an external relationship exists in the DOCX file, the reltype value is requested as a URL. Requests are sent using the 'requests' module instead of the 'ssrfproxy', which can lead to an SSRF...

6.5CVSS6.8AI score0.00472EPSS
Exploits1
Huntr
Huntr
added 2024/10/31 9:19 p.m.8 views

Ollama server is vulnerable to OOM DoS attacks when using `makeRequestWithRetry` and `getAuthorizationToken` functions

This report is not public...

7.5CVSS7.7AI score0.00672EPSS
Exploits2
Huntr
Huntr
added 2024/10/16 11:49 a.m.8 views

Local File Inclusion in netease-youdao/qanything

This report is not public...

7.5CVSS7.1AI score0.0139EPSS
Exploits1
Huntr
Huntr
added 2023/08/18 11:54 a.m.8 views

Important Cookie without Secure flag

Description Cookie accessToken is without Secure flag. Mentioned cookie is responsible for user auth. Proof of Concept Repro steps: As logged in user https://app.vrite.io/ open DevTools and check Cookies table, get value of accessToken cookie. Open other browser, go to app.vrite.io site, open...

6.9AI score
Exploits0References1
Huntr
Huntr
added 2023/08/14 3:54 p.m.8 views

Cross-Site Request Forgery (CSRF)

A Cross-site request forgery CSRF attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. For example, an...

6.8AI score
Exploits0
Huntr
Huntr
added 2023/06/28 10:17 p.m.8 views

The user can put their survey in the survey groups even though this survey group is not in public mode

Description The user can put their survey in the survey groups even though this survey group is not in public mode Proof of Concept Step 1: The survey group SG03 isn't in public mode \ Step 2: In the "Survey groups" tab, User2 with only survey permission only sees the survey group Default \ Step ...

6.9AI score
Exploits0
Huntr
Huntr
added 2023/06/25 9:28 p.m.8 views

Dos via Document Comments

Description An attacker can abuse the document comment functionality, handled by the /api/comments.create API endpoint, since there is not size check or validation of the comment contents, which allows an attacker to send a comment with almost an unlimited number of characters1MB max POST size...

6.7AI score
Exploits0
Huntr
Huntr
added 2023/06/18 3:33 a.m.8 views

Stored XSS on user "Edit own profile" function

Description An attacker can inject malicious executable scripts into the code of the Social media field Proof of Concept Log in as a Member user, access My profile - Edit own profile function, insert this payload to any field " autofocus onfocus=promptdocument.domain then click Save. Access the...

7AI score
Exploits0
Huntr
Huntr
added 2023/06/15 3:47 p.m.8 views

Stored XSS on entire Client site

Description Admin or Staff with "System" permission can produce a store XSS on entire Client site Proof of Concept Edit the "Signature" field to this value "FOSSBilling.org - Client Management, Invoice and Support Software"" Then it will trigger in every Client screens Seems like it was rendered ...

6.2AI score
Exploits0
Huntr
Huntr
added 2023/04/19 4:34 a.m.8 views

Unable to indicate negative amount in captial

Description Unable to indicate negative amount in captial Proof of Concept 1 Login application 2 Go to Capital Add Capital Fill in amount -999,999,999.00 3 The website indicate an negative amount...

6.9AI score
Exploits0
Huntr
Huntr
added 2023/04/17 1:2 p.m.8 views

Improper Error Handling at Rating function

Description Please enter a description of the vulnerability. Navigating rating function http://127.0.0.1:8083/ratings/stored/-1 Change this number to arbitrary characters http://192.168.14.180:8083/ratings/stored/-2 Error occurs allows user to know the path of application file within system...

6.9AI score
Exploits0
Huntr
Huntr
added 2023/03/12 6:36 a.m.8 views

CSV Injection in CSV files generated by the backend

1 login in https://demo.limesurvey.org/index.php 2 the demo admin create a user with name "=1+cmd|'/C calc'!A0". 4 other users login and download all the users' data as csv. 5 other users open the csv file with execl in windows, notice that choose ";" as separator as. 6 we can see that the...

6.5AI score
Exploits0
Huntr
Huntr
added 2023/02/20 3:45 p.m.8 views

XSS in Library Description and Synopsis

Description The 'description' and 'synopsis' fields of libraries are vulnerable to stored XSS injection. If a user sets the synopsis or description of a library to ''"' they can set a stored XSS payload that fires whenever someone visits the /libraries page. Normally libraries are only editable b...

1AI score
Exploits0
Huntr
Huntr
added 2023/02/16 8:14 p.m.8 views

reflected xss

Description reflected xss SUMMURY here i uses demo instalation https://demo.limesurvey.org/ in firefox browser Proof of Concept login into user account and visit...

0.7AI score
Exploits0
Huntr
Huntr
added 2023/02/13 12:50 p.m.8 views

HTML Injection

Description HTML Injection vulnerability was discovered in Accounting module that allow authenticated user to inject malicious HTML code inside "accountnumber" parameter. Proof of Concept Video...

7.5AI score
Exploits0
Huntr
Huntr
added 2023/01/01 9:57 a.m.8 views

Send any message to any to any private channel

Description A user can add any message to a private channel that is not in that channel. This error is because the web application did not check if the sender userid is in that private channel. Proof of Concept Login to website in brower 1 with user A. Login to website in brower 2 with user B. Us...

6.9AI score
Exploits0
Total number of security vulnerabilities4072