CVSS: 4.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-3095 – SSRF in Langchain Web Research Retriever in langchain-ai/langchain
https://notcve.org/view.php?id=CVE-2024-3095
The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. ... This could potentially lead to arbitrary code execution, depending on the nature of the local services. • https://github.com/leoCottret/CVE-2024-30956 https://huntr.com/bounties/e62d4895-2901-405b-9559-38276b6a5273 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 3.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-3166 – Cross-Site Scripting (XSS) Vulnerability in mintplex-labs/anything-llm
https://notcve.org/view.php?id=CVE-2024-3166
The vulnerability arises from the application's feature to fetch and embed content from websites into workspaces, which can be exploited to execute arbitrary JavaScript code. In the desktop application, this flaw can be escalated to Remote Code Execution (RCE) due to insecure application settings, specifically the enabling of 'nodeIntegration' and the disabling of 'contextIsolation' in Electron's webPreferences. ... En la aplicación de escritorio, esta falla se puede escalar a ejecución remota de código (RCE) debido a configuraciones inseguras de la aplicación, específicamente la habilitación de 'nodeIntegration' y la deshabilitación de 'contextIsolation' en las preferencias web de Electron. • https://github.com/mintplex-labs/anything-llm/commit/fa27103d032c58904c49b92ee13fabc19a20a5ce https://huntr.com/bounties/af288bd3-8824-4216-a294-ae9fb444e5db • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-4320 – Remote Code Execution due to LFI in '/install_extension' in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-4320
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. The vulnerability arises due to improper handling of the `name` parameter in the `ExtensionBuilder().build_extension()` method, which allows for local file inclusion (LFI) leading to arbitrary code execution. An attacker can exploit this vulnerability by crafting a malicious `name` parameter that causes the server to load and execute a `__init__.py` file from an arbitrary location, such as the upload directory for discussions. This vulnerability affects the latest version of parisneo/lollms-webui and can lead to remote code execution without requiring user interaction, especially when the application is exposed to an external endpoint or operated in headless mode. Existe una vulnerabilidad de ejecución remota de código (RCE) en el endpoint '/install_extension' de la aplicación parisneo/lollms-webui, específicamente dentro del controlador de ruta `@router.post("/install_extension")`. • https://github.com/bolkv/CVE-2024-4320 https://huntr.com/bounties/d6564f04-0f59-4686-beb2-11659342279b • CWE-29: Path Traversal: '\..\filename' •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-0520 – Remote Code Execution due to Full Controlled File Write in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2024-0520
A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the `mlflow.data.http_dataset_source.py` module. ... Exploiting this vulnerability could allow a malicious user to execute commands on the vulnerable machine, potentially gaining access to data and model information. • https://github.com/mlflow/mlflow/commit/400c226953b4568f4361bc0a0c223511652c2b9d https://huntr.com/bounties/93e470d7-b6f0-409b-af63-49d3e2a26dbc • CWE-23: Relative Path Traversal •
CVSS: 9.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-2624 – Path Traversal and Arbitrary File Upload Vulnerability in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-2624
Successful exploitation could lead to sensitive information disclosure, unauthorized file uploads, and potentially remote code execution by overwriting critical configuration files. • https://github.com/parisneo/lollms-webui/commit/aeba79f3ea934331b8ecd625a58bae6e4f7e7d3f https://huntr.com/bounties/39e17897-0e92-4473-91c7-f728322191aa • CWE-29: Path Traversal: '\..\filename' •