| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-2361 | Arbitrary Upload & Read via Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:50 | Deep Dive |
| CVE-2024-2366 | Remote Code Execution in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:50 | Deep Dive |
| CVE-2024-3435 | Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:49 | Deep Dive |
| CVE-2024-3126 | Command Injection in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:48 | Deep Dive |
| CVE-2024-4326 | Remote Code Execution via `/apply_settings` and `/execute_code` in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:47 | Deep Dive |
| CVE-2024-4322 | Path Traversal in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:46 | Deep Dive |
| CVE-2024-2358 | Path Traversal leading to Remote Code Execution in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-05-16 09:03:45 | Deep Dive |
| CVE-2024-2299 | Stored Cross-Site Scripting (XSS) via Profile Picture Upload in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2024-05-12 20:27:55 | Deep Dive |
| CVE-2024-30256 | Open WebUI vulnerable to server-side request forgery in utils.py | open-webui | open-webui | Medium | 6.4 | 2024-04-16 14:24:22 | Deep Dive |
| CVE-2024-1569 | Uncontrolled Resource Consumption in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 中危 | - | 2024-04-16 00:00:15 | Deep Dive |
| CVE-2024-1601 | SQL Injection in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2024-04-16 00:00:14 | Deep Dive |
| CVE-2024-1646 | Authentication Bypass in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | 高危 | - | 2024-04-16 00:00:14 | Deep Dive |
| CVE-2024-31462 | Limited file write in Stable-diffusion-webui - GHSL-2024-010 | AUTOMATIC1111 | stable-diffusion-webui | Medium | 6.3 | 2024-04-12 21:41:46 | Deep Dive |
| CVE-2024-1520 | OS Command Injection in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-04-10 17:08:02 | Deep Dive |
| CVE-2024-1602 | Stored XSS leading to RCE in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-04-10 17:08:02 | Deep Dive |
| CVE-2024-1511 | Path Traversal Vulnerability in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-04-10 17:08:01 | Deep Dive |
| CVE-2024-1600 | Local File Inclusion in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-04-10 17:07:58 | Deep Dive |
| CVE-2024-1522 | Cross-Site Request Forgery (CSRF) Leading to Remote Code Execution in parisneo/lollms-webui | parisneo | parisneo/lollms-webui | - | - | 2024-03-30 18:02:59 | Deep Dive |
| CVE-2023-37523 | HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags | HCL Software | HCL BigFix OSD Bare Metal Server WebUI | Medium | 5.6 | 2024-01-16 17:33:02 | Deep Dive |
| CVE-2023-37522 | HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags | HCL Software | HCL BigFix OSD Bare Metal Server WebUI | Medium | 5.6 | 2024-01-16 15:59:35 | Deep Dive |