Total: 19 CVEs
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
|---|---|---|---|---|---|---|
| CVE-2024-8859 | 1 Lfprojects | 1 Mlflow | 2025-08-05 | N/A | N/A | A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while parts such as query and parameters are not handled. The vulnerability is triggered if the user has configured the dbfs service and, during usage, the service is mounted to a local directory. |
| CVE-2024-8537 | 1 Modelscope | 1 Agentscope | 2025-08-01 | N/A | N/A | A path traversal vulnerability exists in the modelscope/agentscope application, affecting all versions. The vulnerability is present in the /delete-workflow endpoint, allowing an attacker to delete arbitrary files from the filesystem. This issue arises due to improper input validation, enabling the attacker to manipulate file paths and delete sensitive files outside of the intended directory. |
| CVE-2024-12389 | 1 Binary-husky | 1 Gpt Academic | 2025-07-31 | N/A | N/A | A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The application supports the extraction of user-provided 7z files without proper validation. The Python py7zr package used for extraction does not guarantee that files will remain within the intended extraction directory. An attacker can exploit this vulnerability to perform arbitrary file writes, which can lead to remote code execution. |
| CVE-2024-7033 | 1 Openwebui | 1 Open Webui | 2025-07-29 | N/A | 7.2 HIGH | In version 0.3.8 of open-webui/open-webui, an arbitrary file write vulnerability exists in the download_model endpoint. When deployed on Windows, the application improperly handles file paths, allowing an attacker to manipulate the file path to write files to arbitrary locations on the server's filesystem. This can result in overwriting critical system or application files, causing denial of service, or potentially achieving remote code execution (RCE). RCE can allow an attacker to execute malicious code with the privileges of the user running the application, leading to a full system compromise. |
| CVE-2025-50184 | | | 2025-07-26 | N/A | N/A | DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be manipulated to access arbitrary files on the system. By supplying a crafted path to the file parameter, an attacker can read files outside the upload directory, potentially exposing sensitive system-level data. This is fixed in version 6.4.3-beta.8. |
| CVE-2024-11170 | 1 Librechat | 1 Librechat | 2025-07-15 | N/A | N/A | A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to improper sanitization of file paths by the multer middleware. This can lead to arbitrary file write and potentially remote code execution. The issue is fixed in version 0.7.6. |
| CVE-2024-8248 | 1 Mintplexlabs | 1 Anythingllm | 2025-07-15 | N/A | N/A | A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041 allows for path traversal, leading to arbitrary file read and write in the storage directory. This can result in privilege escalation from manager to admin. The issue is fixed in version 1.2.2. |
| CVE-2024-10648 | | | 2025-03-20 | N/A | N/A | A path traversal vulnerability exists in the Gradio Audio component of gradio-app/gradio, as of version git 98cbcae. This vulnerability allows an attacker to control the format of the audio file, leading to arbitrary file content deletion. By manipulating the output format, an attacker can reset any file to an empty file, causing a denial of service (DoS) on the server. |
| CVE-2024-7957 | | | 2025-03-20 | N/A | N/A | An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer, affecting the latest version. The vulnerability arises from the load_credentials method, where user-controlled input for realm_name and zuliprc_content is used to construct file paths and write file contents. This allows attackers to overwrite or create arbitrary files if a zuliprc- directory already exists in the temporary directory. |
| CVE-2024-8982 | | | 2025-03-20 | N/A | N/A | A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include files from the local server through the web application. This flaw could expose internal server files and potentially sensitive information such as configuration files, passwords, and other critical data. Unauthorized access to critical server files, such as configuration files, user credentials (/etc/passwd), and private keys, can lead to a complete compromise of the system's security. Attackers could leverage the exposed information to further penetrate the network, exfiltrate data, or escalate privileges within the environment. |
| CVE-2024-5443 | | | 2024-06-24 | N/A | N/A | CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension` endpoint, where a path traversal issue allows attackers to navigate beyond the intended directory structure. This is facilitated by the `data.category` and `data.folder` parameters accepting empty strings (`""`), which, due to inadequate input sanitization, can lead to the construction of a `package_path` that points to the root directory. Consequently, if an attacker can create a `config.yaml` file in a controllable path, this path can be appended to the `extensions` list and trigger the execution of `__init__.py` in the current directory, leading to remote code execution. The vulnerability affects versions up to 5.9.0, and has been addressed in version 9.8. |
| CVE-2023-6975 | 1 Lfprojects | 1 Mlflow | 2024-02-06 | N/A | 9.8 CRITICAL | A malicious user could use this issue to get command execution on the vulnerable machine and get access to data and model information. |
| CVE-2023-6909 | 1 Lfprojects | 1 Mlflow | 2024-02-06 | N/A | 7.5 HIGH | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. |
| CVE-2023-6977 | 1 Lfprojects | 1 Mlflow | 2023-12-29 | N/A | 7.5 HIGH | This vulnerability enables malicious users to read sensitive files on the server. |
| CVE-2023-1177 | 1 Lfprojects | 1 Mlflow | 2023-11-02 | N/A | 9.8 CRITICAL | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. |
| CVE-2023-2984 | 2 Microsoft, Pimcore | 2 Windows, Pimcore | 2023-06-05 | N/A | 8.8 HIGH | Path Traversal: '\..\filename' in GitHub repository pimcore/pimcore prior to 10.5.22. |
| CVE-2023-2780 | 1 Lfprojects | 1 Mlflow | 2023-05-25 | N/A | 9.8 CRITICAL | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1. |
| CVE-2023-1034 | 1 Salesagility | 1 Suitecrm | 2023-03-06 | N/A | 8.8 HIGH | Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. |
| CVE-2023-0316 | 1 Froxlor | 1 Froxlor | 2023-01-24 | N/A | 5.5 MEDIUM | Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0. |