A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. ...
Continue Reading
June 07, 2024
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature. This vulnerability allows any remote user to view full paths ...
Continue Reading
June 07, 2024
A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the &# ...
Continue Reading
June 07, 2024
Summary The CVE allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. Details Unauthenticated Access: Endpoint: /api/v1/settings Descripti ...
Continue Reading
June 07, 2024
A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creation of multiple users with the same username when requests are sent in parallel. ...
Continue Reading
June 07, 2024
An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify t ...
Continue Reading
June 07, 2024
A blind SQL injection vulnerability exists in the berriai/litellm application, specifically within the '/team/update' process. The vulnerability arises due to the improper handling of the &# ...
Continue Reading
June 07, 2024
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature. This vulnerability allows any remote user to view full paths ...
Continue Reading
June 07, 2024
Back to Main
