Threat and Vulnerability Intelligence Database

CVE-2024-8581

Description: A vulnerability in the `upload_app` function of parisneo/lollms-webui V12 (Strawberry) allows an attacker to delete any file or directory on the system. The function does not implement user input filtering with the `filename` value, causing a Path Traversal error.

CVSS: CRITICAL (9.1)

EPSS Score: 0.06%

Source: CVE
March 20th, 2025

CVE-2024-8551

Description: A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of sensitive information such as configuration files, API keys, and hardcoded passwords.

CVSS: CRITICAL (9.1)

EPSS Score: 0.08%

Source: CVE
March 20th, 2025

CVE-2024-8537

Description: A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing an attacker to delete arbitrary files from the filesystem. This issue arises due to improper input validation, enabling the attacker to manipulate file paths and delete sensitive files outside of the intended directory.

CVSS: CRITICAL (9.1)

EPSS Score: 0.27%

Source: CVE
March 20th, 2025

CVE-2024-8502

Description: A vulnerability in the RpcAgentServerLauncher class of modelscope/agentscope v0.0.6a3 allows for remote code execution (RCE) via deserialization of untrusted data using the dill library. The issue occurs in the AgentServerServicer.create_agent method, where serialized input is deserialized using dill.loads, enabling an attacker to execute arbitrary commands on the server.

CVSS: CRITICAL (9.8)

EPSS Score: 0.16%

Source: CVE
March 20th, 2025

CVE-2024-8196

Description: In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server port 3001 on 0.0.0.0 with no authentication by default. This vulnerability allows an attacker to gain full backend access, enabling them to perform actions such as deleting all data from the workspace.

CVSS: CRITICAL (9.8)

EPSS Score: 0.11%

Source: CVE
March 20th, 2025

CVE-2024-8019

Description: In lightning-ai/pytorch-lightning version 2.3.2, a vulnerability exists in the `LightningApp` when running on a Windows host. The vulnerability occurs at the `/api/v1/upload_file/` endpoint, allowing an attacker to write or overwrite arbitrary files by providing a crafted filename. This can lead to potential remote code execution (RCE) by overwriting critical files or placing malicious files in sensitive locations.

CVSS: CRITICAL (9.1)

EPSS Score: 0.25%

Source: CVE
March 20th, 2025

CVE-2024-8017

Description: An XSS vulnerability exists in open-webui/open-webui versions <= 0.3.8, specifically in the function that constructs the HTML for tooltips. This vulnerability allows attackers to perform operations with the victim's privileges, such as stealing chat history, deleting chats, and escalating their own account to an admin if the victim is an admin.

CVSS: CRITICAL (9.0)

EPSS Score: 0.04%

Source: CVE
March 20th, 2025

CVE-2024-7957

Description: An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write file contents. This allows attackers to overwrite or create arbitrary files if a zuliprc- directory already exists in the temporary directory.

CVSS: CRITICAL (9.1)

EPSS Score: 0.06%

Source: CVE
March 20th, 2025

CVE-2024-6829

Description: A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the `tarfile.extractall()` function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control `repo.path` and `run_hash` to bypass directory existence checks and extract files to unintended locations, potentially overwriting critical files. This can lead to arbitrary data being written to arbitrary locations on the remote tracking server, which could be used for further attacks such as writing a new SSH key to the target server.

CVSS: CRITICAL (9.1)

EPSS Score: 0.06%

Source: CVE
March 20th, 2025

CVE-2024-5752

Description: A path traversal vulnerability exists in stitionai/devika, specifically in the project creation functionality. In the affected version beacf6edaa205a5a5370525407a6db45137873b3, the project name is not validated, allowing an attacker to create a project with a crafted name that traverses directories. This can lead to arbitrary file overwrite when the application generates code and saves it to the specified project directory, potentially resulting in remote code execution.

CVSS: CRITICAL (9.1)

EPSS Score: 0.58%

Source: CVE
March 20th, 2025