7044 matches found
Inefficient Regular Expression Complexity in langflow
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
Prevent XSS from Confidant API call
ImpactWhat kind of vulnerability is it? Who is impacted?Potential XSS from API calls below:GET /v1/credentialsGET /v1/credentials/GET /v1/archive/credentials/GET /v1/archive/credentialsPOST /v1/credentialsPUT /v1/credentials/PUT /v1/credentials//GET /v1/servicesGET /v1/services/GET...
Mesop has a local file Inclusion via static file serving functionality
A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validation in a specific endpoint. This could have allowed an attacker to access files...
Reverb use after free vulnerability
There exists a use after free vulnerability in Reverb.Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance...
xhtml2pdf Denial of Service via crafted string
An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service ReDOS via supplying a crafted string...
open-webui Insecure Direct Object Reference (IDOR) vulnerability
An Insecure Direct Object Reference IDOR vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint http://0.0.0.0:3000/api/v1/memories/id/update, where the decentralization design is flawed, allowing attackers to edit other users' memories without...
OAuth2 client ID and secret exposed through the web browser
pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data...
Django allows enumeration of user e-mail addresses
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to enumerate user e-mail addresses by sending password reset requests and observing the outcome only...
Guardrails has an arbitrary code execution vulnerability
An arbitrary code execution vulnerability exists in versions 0.2.9 up to 0.5.10 of the Guardrails AI Guardrails framework because of the way it validates XML files. If a victim user loads a maliciously crafted XML file containing Python code, the code will be passed to an eval function, causing i...
Composio Code Injection Vulnerability
A vulnerability has been found in composiohq composio up to 0.5.6 and classified as critical. Affected by this vulnerability is the function Calculator of the file python/composio/tools/local/mathematical/actions/calculator.py. The manipulation leads to code injection. The exploit has been...
Composio Path Traversal vulnerability
A vulnerability was found in composiohq composio up to 0.5.8 and classified as problematic. Affected by this issue is the function path of the file composio\server\api.py. The manipulation of the argument file leads to path traversal. The exploit has been disclosed to the public and may be used...
vLLM Denial of Service via the best_of parameter
A vulnerability was found in the ilab model serve component, where improper handling of the bestof parameter in the vllm JSON web API can lead to a Denial of Service DoS. The API used for LLM-based sentence or chat completion accepts a bestof parameter to return the best completion from several...
Aim Stored XSS through TEXT EXPLORER
A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. The manipulation of the argument query leads to cross site scripting. It is possible to launch the...
LangChain pickle deserialization of untrusted data
A vulnerability in the FAISS.deserializefrombytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function. The issue affects versions prior to 0.2.4...
sqlitedict insecure deserialization vulnerability
Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code...
vLLM denial of service vulnerability
A flaw was found in the vLLM library. A completions API request with an empty prompt will crash the vLLM API server, resulting in a denial of service...
Sentry improperly authorizes deletion of user issue alert notifications
ImpactAn authenticated user may delete user issue alert notifications for arbitrary users given a known alert ID. PatchesA patch was issued to ensure authorization checks are properly scoped on requests to delete user alert notifications.Sentry SaaS users do not need to take any action. Self-Host...
Sentry improperly authorizes muting of alert rules
ImpactAn authenticated user can mute alert rules from arbitrary organizations and projects given a known given rule ID. The user does not need to be a member of the organization or have permissions on the project. In our review, we have identified no instances where alerts have been muted by...
D-Tale Command Execution Vulnerability
D-Tale is the combination of a Flask back-end and a React front-end to bring you an easy way to view & analyze Pandas data structures. Indtale\views.py, under the [email protected]"/chart-data/", the query parameters from the request are directly passed intorunqueryfor execution. And...
D-Tale vulnerable to Remote Code Execution through the Query input on Chart Builder
ImpactUsers hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. PatchesUsers should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back o...
MindsDB Cross-site Scripting vulnerability
A cross-site scripting XSS vulnerability exists in all versions of the MindsDB platform, enabling the execution of a JavaScript payload whenever a user enumerates an ML Engine, database, project, or dataset containing arbitrary JavaScript code within the web UI...
LiteLLM Server-Side Request Forgery (SSRF) vulnerability
A Server-Side Request Forgery SSRF vulnerability exists in berriai/litellm version 1.38.10. This vulnerability allows users to specify the apibase parameter when making requests to POST /chat/completions, causing the application to send the request to the domain specified by apibase. This request...
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication
A timing-based username enumeration vulnerability has been identified in Fides Webserver authentication. This vulnerability allows an unauthenticated attacker to determine the existence of valid usernames by analyzing the time it takes for the server to respond to login requests. The discrepancy ...
MindsDB Eval Injection vulnerability
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration...
Cleanlab Deserialization of Untrusted Data vulnerability
Deserialization of untrusted data can occur in versions 2.4.0 or newer of the Cleanlab project, enabling a maliciously crafted datalab.pkl file to run arbitrary code on an end user’s system when the data directory is loaded...
Refuel Autolab Eval Injection vulnerability
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its classification tasks handle provided CSV files. If a victim user creates a classification task using a maliciously crafted CSV file containing Python code, the code...
Flask-AppBuilder's login form allows browser to cache sensitive fields
ImpactAuth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. PatchesUpgrade flask-appbuilder to version 4.5.1 WorkaroundsIf upgrading is not possible configure your web server to send the...
Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine
SummaryThe Email Templating feature uses Jinja2 without proper input sanitization or rendering environment restrictions, allowing for Server-Side Template Injection that grants Remote Code Execution to privileged users. A privileged user refers to an Admin UI user with the default Owner or...
Ansible vulnerable to Insertion of Sensitive Information into Log File
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as includevars to load vaulted variables without setting the nolog: true parameter, resulting in sensitive data...
Refuel Autolab Eval Injection vulnerability
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a user creates a multilabel classification task using a maliciously crafted CSV file containing Python...
FastAPI Admin cross-site scripting (XSS) vulnerability in the Create Product function
A cross-site scripting XSS vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...
Mage AI incorrectly gives privileges to users with deleted accounts
Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server...
CKAN has Cross-site Scripting vector in the Datatables view plugin
The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. ImpactSites running CKAN = 2.7.0 with the datatablesview plugin activated. This is a plugin included in CKAN core, that not activated by default but it is widely used to...
FastAPI Admin Cross-site Scripting vulnerability in the Config-Create function
A cross-site scripting XSS vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter...
Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature)
SummaryThe Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS. DetailsThe q parameter for the /api/automation endpoint does not get correctly sanitized when rendered on the page, resulting in the ability of users to inject arbitrary...
Mage AI Path Traversal vulnerability
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request...
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users
Mage AI allows remote unauthenticated attackers to leak the terminal server command history of arbitrary users...
Potential access to sensitive URLs via CKAN extensions (SSRF)
ImpactThere are a number of CKAN plugins, including XLoader, DataPusher, Resource proxy and ckanext-archiver, that work by downloading the contents of local or remote files in order to perform some actions with their contents e.g. pushing to the DataStore, streaming contents or saving a local cop...
Mage AI Path Traversal vulnerability
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request...
CKAN may leak Solr credentials via error message in package_search action
If there were connection issues with the Solr server, the internal Solr URL potentially including credentials could be leaked to packagesearch calls as part of the returned error message PatchesThis has been patched in CKAN 2.10.5 and 2.11.0...
Mage AI Path Traversal vulnerability
Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request...
Insecure Jinja2 templates rendered in Haystack Components can lead to RCE
ImpactHaystack clients that let their users create and run Pipelines from scratch are vulnerable to remote code executions.Certain Components in Haystack use Jinja2 templates, if anyone can create and render that template on the client machine they run any code. PatchesThe problem has been fixed...
MobSF vulnerable to Open Redirect in Login Redirect
ImpactWhat kind of vulnerability is it? Who is impacted?An open redirect vulnerability exist in MobSF authentication view. PoC1. Go to http://127.0.0.1:8000/login/?next=//afine.com in a web browser.2. Enter credentials and press "Sign In".3. You will be redirected to afine.comUsers who are not...
Weave server API vulnerable to arbitrary file leak
The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin...
In aiohttp, compressed files as symlinks are not protected from path traversal
SummaryStatic routes which contain files with compressed variants .gz or .br extension were vulnerable to path traversal outside the root directory if those variants are symbolic links. DetailsThe server protects static routes from path traversal outside the root directory when followsymlinks=Fal...
Mobile Security Framework (MobSF) has a Zip Slip Vulnerability in .a Static Library Files
SummaryUpon reviewing the MobSF source code, I identified a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented.Since the implemented measure can be bypassed, the...
openstack-heat may disclose sensitive information
An incomplete fix for CVE-2023-1625 was found in openstack-heat. Sensitive information may possibly be disclosed through the OpenStack stack abandon command with the hidden feature set to True and the CVE-2023-1625 fix applied...
Open WebUI Stored Cross-Site Scripting Vulnerability
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page...
PheonixAppAPI has visible Encoding Maps
ImpactThis is a kind of moderate issue. The impact is not big for normal users but can be for users who want to secure their code/files/etc.The issue is that the map of encoding/decoding languages are visible in code. PatchesThe Problem was patched in 0.2.5, so you should try to upgrade to the...
Pulp incorrectly assigns RBAC permissions in tasks that create objects
A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...