CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

This vulnerability allows attackers to upload and overwrite any file on the filesystem, leading to potential remote code execution. • https://github.com/qdrant/qdrant/commit/e6411907f0ecf3c2f8ba44ab704b9e4597d9705d • https://huntr.com/bounties/6be8d4e3-67e6-4660-a8db-04215a1cff3e • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 7.5 • EPSS: 0% • CPEs: - • EXPL: 0

This issue could potentially lead to remote code execution. • https://github.com/gradio-app/gradio/commit/16fbe9cd0cffa9f2a824a0165beb43446114eec7 • https://huntr.com/bounties/9bb33b71-7995-425d-91cc-2c2a2f2a068a • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 3.4 • EPSS: 0% • CPEs: - • EXPL: 0

The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_repo_checkpoint()` function of the `TFPreTrainedModel()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine. • https://github.com/huggingface/transformers/commit/693667b8ac8138b83f8adb6522ddaf42fa07c125 • https://huntr.com/bounties/b3c36992-5264-4d7f-9906-a996efafba8f • CWE-502: Deserialization of Untrusted Data

CVSS: 9.8 • EPSS: 0% • CPEs: - • EXPL: 0

Attackers can exploit this by crafting malicious `tokenizer_config.json` files that execute arbitrary code on the server. • https://github.com/berriai/litellm/commit/8a1cdc901708b07b7ff4eca20f9cb0f1f0e8d0b3 • https://huntr.com/bounties/a9e0a164-6de0-43a4-a640-0cbfb54220a4 • CWE-76: Improper Neutralization of Equivalent Special Elements

CVSS: 4.8 • EPSS: 0% • CPEs: - • EXPL: 0

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component. • https://blog.chebuya.com/posts/remote-code-execution-on-chaos-rat-via-spoofed-agents • https://github.com/tiagorlampert/CHAOS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')