Skip to main content
Abstract art
Abstract art
Abstract art
Abstract art

For individuals

22 Jul 2025
Riasztás

NA - CVE-2025-48964 - ping in iputils through 20240905 allows a...

ping in iputils through 20240905 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51464 - Cross-site Scripting (XSS) in aimhubio Aim...

Cross-site Scripting (XSS) in aimhubio Aim 3.28.0 allows remote attackers to execute arbitrary JavaScript in victims browsers via malicious Python code submitted to the /api/reports endpoint, which...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51459 - File Upload vulnerability in...

File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary code via a malicious plugin ZIP file uploaded to the...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51471 - Cross-Domain Token Exposure in...

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51479 - Authorization bypass in update_user_group in...

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows remote authenticated attackers to modify arbitrary user groups via crafted PATCH requests to the...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-31511 - An issue was discovered in AlertEnterprise...

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user ID in a Request%20Building%20Access requestSubmit API call.
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-31512 - An issue was discovered in AlertEnterprise...

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20Building%20Access requestSubmit API call.
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-31513 - An issue was discovered in AlertEnterprise...

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can elevate to administrator privileges via the IsAdminApprover parameter in a Request%20Building%20Access requestSubmit API call.
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51458 - SQL Injection in editor_sql_run and query_ex in...

SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers to execute arbitrary SQL statements via crafted input passed to the /v1/editor/sql/run or...
security-database.com
Read more
22 Jul 2025
Riasztás

NA - CVE-2025-51472 - Code Injection in...

Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template...
security-database.com
Read more
Language
Type