Fallos del tipo CWE-29
64 resultadosCVE-2024-7962HIGHArbitrary File Read via Insufficient Validation in gaizhenbiao/chuanhuchatgptEPSS 0.8%CVE-2024-2356CRITICALRemote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webuiEPSS 0.8%CVE-2026-24217HIGHNVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful eEPSS 0.8%CVE-2024-8982MEDIUMLocal File Inclusion in bentoml/openllmEPSS 0.7%CVE-2024-3573CRITICALLocal File Inclusion (LFI) via Scheme Confusion in mlflow/mlflowEPSS 0.7%CVE-2023-0316MEDIUMPath Traversal: '\..\filename' in froxlor/froxlorEPSS 0.7%CVE-2024-4841MEDIUMPath Traversal in parisneo/lollms-webuiEPSS 0.7%CVE-2024-10648HIGHPath Traversal in gradio-app/gradioEPSS 0.7%CVE-2024-2361CRITICALArbitrary Upload & Read via Path Traversal in parisneo/lollms-webuiEPSS 0.6%CVE-2025-50184HIGHDbGate allows for File Traversal via file parameterEPSS 0.6%CVE-2024-2178HIGHPath Traversal Vulnerability in parisneo/lollms-webuiEPSS 0.6%CVE-2024-6394HIGHLocal File Inclusion in parisneo/lollms-webuiEPSS 0.6%CVE-2025-6209HIGHArbitrary File Read through Path Traversal in run-llama/llama_indexEPSS 0.5%CVE-2024-7774MEDIUMPath Traversal in langchain-ai/langchainjsEPSS 0.5%CVE-2025-15036CRITICALPath Traversal Vulnerability in mlflow/mlflowEPSS 0.5%CVE-2026-30828HIGHWallos: SSRF via url parameter leading to File TraversalEPSS 0.5%CVE-2024-6139HIGHPath Traversal in parisneo/lollmsEPSS 0.5%CVE-2026-10732MEDIUMAll versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) when extracting a ZIP archivEPSS 0.4%CVE-2025-50185HIGHDbGate allows Unauthorized File Access via CSV PluginEPSS 0.4%CVE-2025-66608HIGHA vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product does not
properly validate URLs. An EPSS 0.4%