SQL Injection

llama-index-packs-finchat is vulnerable to SQL Injection. The vulnerability is due to improper handling of user input in the runsqlquery function, which allows an attacker to inject arbitrary SQL queries and achieve code execution via PostgreSQL large object functionality...

Denial-of-service (DoS)

pypdf is vulnerable to Denial-of-service DoS. The vulnerability is due to improper handling of the LZWDecode filter while parsing a PDF page content stream, which allows an attacker to craft a malicious PDF that triggers excessive memory usage...

Remote Code Execution (RCE)

pdfminer.six is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization in the CMapDB.loaddata function, where pickle.loads processes attacker-controlled pickle.gz files referenced by a malicious PDF, allowing arbitrary code execution when the file is...

Heap-based Buffer Overflow

MLX is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to a 13-byte out-of-bounds read when parsing malicious NumPy .npy files, where an attacker-controlled file causes a crash or information disclosure, and attackers can exploit this by crafting malicious .npy files to gain...

Race Condition

Agno is vulnerable to a race condition. The vulnerability is due to improper handling of sessionstate under high concurrency during run or arun calls, which allows an attacker to cause session data to be incorrectly assigned and persisted, potentially exposing one user's session data to another...

Directory Traversal

AstrBot is vulnerable to Directory Traversal. The vulnerability is due to an arbitrary file read vulnerability in the encodeimagebs64 function, where attackers can construct malicious URLs to read any specified file, resulting in sensitive data leakage...

Denial Of Service (DoS)

Django is vulnerable to Denial of Service DoS. The vulnerability is due to inefficient processing in django.core.serializers.xmlserializer.getInnerText when handling specially crafted XML input, which allows a remote attacker to trigger CPU and memory exhaustion through the XML Deserializer...

TorchGeo Remote Code Execution Vulnerability

Impact TorchGeo 0.4–0.6.0 used an ""eval"" https://docs.python.org/3/library/functions.htmleval statement in its model weight API that could allow an unauthenticated, remote attacker to execute arbitrary commands. All platforms that expose ""torchgeo.models.getweight""...

Denial Of Service (DoS)

Bugsink is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient handling of Brotli-compressed data during decompression, which allows an attacker to send crafted payloads that consume excessive CPU resources and disrupt service availability...

Denial Of Service (DoS)

mlx is vulnerable to Denial of Service DoS. The vulnerability is due to dereferencing an untrusted pointer from the external gguflib library in mlx::core::loadgguf without proper validation, allowing a malicious GGUF file to trigger a segmentation fault and crash the application...

Path Traversal

Keras is vulnerable to path traversal. The vulnerability is due to the keras.utils.getfile API using Python’s tarfile.extractall without the filter="data" protection when extracting tar archives, which allows a remote attacker to craft a malicious archive with symlinks and write arbitrary files...

Denial Of Service (DoS)

Bugsink is vulnerable to Denial of Service DoS. The vulnerability is due to decompression of highly compressed Brotli data before enforcing limits, which allows an attacker to send crafted payloads that exhaust memory and crash the server...

Cross-Site Scripting (XSS)

spotipy is vulnerable to cross-site scripting XSS. The vulnerability is due to improper sanitization of the error parameter in the OAuth callback server, which allows an attacker to inject and execute arbitrary JavaScript in the user's browser during OAuth authentication...

SQL Injection

assyncmy is vulnerable to SQL Injection. The vulnerability is due to improper handling of crafted dictionary keys in SQL query construction, which allows an attacker to inject and execute arbitrary SQL commands...

Improper Authorization

trytond is vulnerable to Improper Authorization. The vulnerability is due to missing access control enforcement on the HTML editor route, which allows an attacker to access or modify content without proper permissions...

Arbitrary File Upload

open-webui is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded file content types and user-controlled filenames, which allows an attacker to overwrite critical files and potentially execute arbitrary code...

Improper Access Control

apacheairflow is vulnerable to improper access control. The vulnerability is due to insufficient authorization checks in the bulk create API with the overwrite action, which allows an attacker with only CREATE privileges to update existing Pools, Connections, and Variables without having UPDATE...

LDAP Injection

pgAdmin is vulnerable to LDAP Injection. The vulnerability is due to improper sanitization of special LDAP characters in the username during the LDAP authentication flow, which allows an attacker to inject crafted input and cause the DC/LDAP server and client to process excessive data...

Code Injection

Open WebUI is vulnerable to a code injection vulnerability. The vulnerability is due to improper handling of Server-Sent Event SSE execute events in the Direct Connections feature, which allows an attacker controlling a malicious external model server to inject and execute arbitrary JavaScript in...

SQL Injection

LangGraph SQLite Checkpoint is vulnerable to SQL injection. The vulnerability is due to unsafe construction of SQL queries using unvalidated metadata filter keys, where attacker-controlled keys are interpolated directly into SQL f-strings in the checkpoint search logic, allowing manipulation of...

Authentication Bypass

pgAdmin is vulnerable to Authentication Bypass. The vulnerability is due to improper TLS certificate verification in the LDAP authentication mechanism, which allows an attacker to bypass secure authentication controls and potentially intercept or manipulate authentication traffic...

Improper Encoding Or Escaping Of Output

MotionEye is vulnerable to Improper Encoding or Escaping of Output. The vulnerability is due to unsanitized user input in configuration parameters being written to configuration files, which allows an attacker to execute arbitrary commands when the service is restarted...

Directory Traversal

NiceGUI is vulnerable to Directory Traversal. The vulnerability is due to improper validation in the App.addmediafiles function, which allows an attacker to access and read arbitrary files from the server filesystem...

Cross-site Scripting (XSS)

Pyhtml2pdf is vulnerable to Cross-site Scripting XSS. The vulnerability is due to lack of validation of user-supplied HTML content, which allows an attacker to access and retrieve arbitrary local files...

Arbitrary File Access

Werkzeug is vulnerable to Arbitrary File Access. The vulnerability is due to insufficient validation of Windows device names in the safejoin function, where paths ending with special device names such as CON or AUX can be opened via sendfromdirectory, causing the application to hang indefinitely...

Uncontrolled Memory Allocation

pypdf is vulnerable to uncontrolled memory allocation. The vulnerability is due to improper handling of LZWDecode streams, which allows an attacker to craft a malicious PDF that causes excessive memory consumption up to 1 GB per stream during content parsing...

Improper Access Control

Doris MCP Server is vulnerable to Improper Access Control. The vulnerability is due to an attacker with a valid read-only account being able to bypass Doris MCP Server’s read-only mode, where they can perform unauthorized modifications, and attackers with read-only access may perform unauthorized...

Improper Cache Control

tutor is vulnerable to Improper Cache Control. The vulnerability is due to the absence of proper cache-control HTTP headers and client-side session checks, which allows an attacker to access sensitive information through cached or improperly validated sessions...

Improper Access Control

mcp MCP Python SDK is vulnerable to Improper Access Control. The vulnerability is due to DNS rebinding protection not being enabled by default for HTTP-based servers, allowing a malicious website to bypass same-origin policy and send requests to a local MCP server running without authentication,...

Authentication Bypass

OpenStack Keystone is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of AWS Signature-based requests in token endpoints, which allows an attacker to gain unauthorized Keystone access using crafted requests...

Denial Of Service (DoS)

joserfc is vulnerable to Denial of Service DoS. The vulnerability is due to ExceededSizeError exception messages embedding non-decoded JWT token parts, which may cause Python logging systems to process extremely large attacker-supplied JWT payloads, potentially leading to excessive memory or...

Denial Of Service (DoS)

urllib3 is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to an unbounded decompression chain, where nested compression layers are not limited, allowing a malicious server to send specially crafted responses that trigger excessive CPU usage and large memory allocation during...

Information Exposure

ansible-collection-community-general is vulnerable to Information Exposure. The vulnerability is due to verbose debug output exposing sensitive credentials such as plaintext passwords, which allows an attacker with access to logs to retrieve these secrets and potentially compromise Keycloak...

SQL Injection

langgraph-checkpoint-sqlite is vulnerable to SQL Injection. The vulnerability is due to use of direct string concatenation without proper parameterization in database queries, which allows an attacker to inject arbitrary SQL and bypass access controls...

Remote Code Execution (RCE)

pyquokka is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization using pickle.loads on untrusted input without validation, which allows an attacker to execute arbitrary code by sending malicious payloads...

Reflected Cross-Site Scripting (XSS)

NiceGUI is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability is due to improper sanitization or encoding in the ui.addcss, ui.addscss, and ui.addsass functions, which allows an attacker to inject closing tags and execute arbitrary JavaScript...

Incorrect Access Control

open-webui is vulnerable to Incorrect Access Control. The vulnerability is due to missing ownership verification in the /api/tasks/stop/ API, allowing a normal user to stop arbitrary LLM response tasks by directly cancelling tasks without proper authorization checks...

Arbitrary Code Injection

pgAdmin is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper handling of PLAIN-format dump files during restore operations in server mode, which allows an attacker to inject and execute arbitrary commands on the server hosting pgAdmin...

Remote Code Execution (RCE)

vLLM is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe dynamic loading and execution of classes from remote repositories via the automap configuration, which allows an attacker to execute arbitrary code even when trustremotecode is disabled...

Improper Cleanup Of Sensitive Data

Ansible is vulnerable to improper cleanup of sensitive data. The vulnerability is due to the awsssm connection plugin not performing garbage collection after playbook execution, which allows sensitive files to remain in the storage bucket and exposes confidential data to unauthorized access...

Deserialization Of Untrusted Data

Keras framework is vulnerable to Deserialization of untrusted data. The vulnerability is due to improper handling of maliciously crafted Keras files during deserialization, which allows an attacker to execute arbitrary code on an end user’s system by loading a file containing a TorchModuleWrapper...

Denial Of Service (DoS)

Starlette is vulnerable to Denial Of Service DoS. The vulnerability is due to quadratic-time processing in the FileResponse HTTP Range header parsing and merging logic, which allows an unauthenticated attacker to send a crafted Range header to exhaust CPU resources...

Insecure Deserialization

Modular is vulnerable to Insecure Deserialization. The vulnerability is due to insecure deserialization when the --experimental-enable-kvcache-agent feature is enabled, allowing attackers to supply crafted serialized data that can be processed by the server and lead to arbitrary code execution...

Server-Side Request Forgery (SSRF)

Open WebUI is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of user-supplied URLs, allowing authenticated users to force the server to send HTTP requests to arbitrary destinations, which may enable access to internal services, cloud metadata...

Remote Code Execution

SGLang is vulnerable to Remote Code Execution. The vulnerability is due to the manipulation of the argument serializednamedtensors, where the function main of the file /updateweightsfromtensor results in deserialization, and attackers can launch the attack remotely by exploiting this vulnerabilit...

Local File Inclusion (LFI)

pythonmistralclient is vulnerable to Local File Inclusion LFI. The vulnerability is due to improper validation of file paths in the 'Create Workbook' feature, which allows an attacker to include and read arbitrary local files from the system...

Command Injection

Cybersecurity AI CAI is vulnerable to Command Injection. The vulnerability is due to insufficient input sanitization in the runsshcommandwithcredentials function, where the username, host, and port parameters are not properly escaped, allowing attackers to inject malicious commands...

Use Of Hard-coded Cryptographic Key

AstrBot is vulnerable to the Use of Hard-coded Cryptographic Key. The vulnerability is due to the presence of a hard-coded signing key in the application, which allows an attacker to forge tokens and execute arbitrary commands by installing a malicious plugin...

Insecure Deserialization

cryptidy is vulnerable to insecure deserialization. The vulnerability is due to the use of pickle.loads on untrusted data in the aesdecryptmessage function within symmetricencryption.py, which allows an attacker to execute arbitrary code by supplying crafted serialized input...

Weak Password Requirements

MLflow is vulnerable to Weak Password Requirements. The vulnerability is due to weak password requirements in the authentication mechanism, which allows an attacker to bypass authentication and gain unauthorized access to the system...