CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-4320 – Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-4320
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. The vulnerability arises due to improper handling of the `name` parameter in the `ExtensionBuilder().build_extension()` method, which allows for local file inclusion (LFI) leading to arbitrary code execution. ... This vulnerability affects the latest version of parisneo/lollms-webui and can lead to remote code execution without requiring user interaction, especially when the application is exposed to an external endpoint or operated in headless mode. Existe una vulnerabilidad de ejecución remota de código (RCE) en el endpoint '/install_extension' de la aplicación parisneo/lollms-webui, específicamente dentro del controlador de ruta `@router.post("/install_extension")`. • https://github.com/bolkv/CVE-2024-4320 https://huntr.com/bounties/d6564f04-0f59-4686-beb2-11659342279b • CWE-29: Path Traversal: '\..\filename' •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-0520 – Remote Code Execution due to Full Controlled File Write in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2024-0520
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. • https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc • CWE-23: Relative Path Traversal •
CVSS: 9.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-2624 – Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-2624
Successful exploitation could lead to sensitive information disclosure, unauthorized file uploads, and potentially remote code execution by overwriting critical configuration files. • https://github.com/parisneo/lollms-webui/commit/aeba79f3ea934331b8ecd625a58bae6e4f7e7d3f https://huntr.com/bounties/39e17897-0e92-4473-91c7-f728322191aa • CWE-29: Path Traversal: '\..\filename' •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-2914 – TarSlip Vulnerability in deepjavalibrary/djl
https://notcve.org/view.php?id=CVE-2024-2914
Exploitation of this vulnerability could lead to remote code execution, privilege escalation, data theft or manipulation, and denial of service. • https://github.com/deepjavalibrary/djl/commit/5235be508cec9e8cb6f496a4ed2fa40e4f62c370 https://huntr.com/bounties/b064bd2f-bf6e-4fc0-898e-7d02a9b97e24 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-5452 – RCE via Property/Class Pollution in lightning-ai/pytorch-lightning
https://notcve.org/view.php?id=CVE-2024-5452
A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the `deepdiff` library. ... When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default. Existe una vulnerabilidad de ejecución remota de código (RCE) en la versión 2.2.1 de la librería Lightning-ai/pytorch-lightning debido al manejo inadecuado de la entrada del usuario deserializada y a la mala administración de los atributos dunder por parte de la librería "deepdiff". ... Cuando se procesa, esto se puede aprovechar para acceder a otros módulos, clases e instancias, lo que lleva a una escritura de atributos arbitraria y un RCE total en cualquier aplicación pytorch-lightning autohospedada en su configuración predeterminada, ya que el endpoint delta está habilitado de forma predeterminada. • https://huntr.com/bounties/486add92-275e-4a7b-92f9-42d84bc759da • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •