Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-07 | CVE-2024-5732 | Unspecified vulnerability in Clashforwindows Clash A vulnerability was found in Clash up to 0.20.1 on Windows. | 9.8 |
| 2024-06-06 | CVE-2024-24192 | Out-of-bounds Read vulnerability in Robertdavidgraham Robdns 20151209 robdns commit d76d2e6 was discovered to contain a heap overflow via the component block->filename at /src/zonefile-insertion.c. | 9.1 |
| 2024-06-06 | CVE-2024-22074 | Unspecified vulnerability in Dynamsoft Service Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.0115 has Incorrect Access Control. | 9.8 |
| 2024-06-06 | CVE-2024-3166 | Unspecified vulnerability in Mintplexlabs Anythingllm Desktop and Anythingllm Webapp A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest version of the web application. | 9.6 |
| 2024-06-06 | CVE-2024-3234 | Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. | 9.8 |
| 2024-06-06 | CVE-2024-3322 | Unspecified vulnerability in Lollms web UI A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the parisneo/lollms-webui, affecting versions up to 9.5. | 9.8 |
| 2024-06-06 | CVE-2024-3408 | Unspecified vulnerability in MAN D-Tale 3.10.0 man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. | 9.8 |
| 2024-06-06 | CVE-2024-3429 | Path Traversal vulnerability in Lollms A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_endpoint` and `sanitize_path` functions in `lollms_core\lollms\security.py`. | 9.8 |
| 2024-06-06 | CVE-2024-4320 | Path Traversal vulnerability in Lollms web UI A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the parisneo/lollms-webui application, specifically within the `@router.post("/install_extension")` route handler. | 9.8 |
| 2024-06-06 | CVE-2024-5328 | Unspecified vulnerability in Lunary A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application, specifically within the endpoint '/auth/saml/tto/download-idp-xml'. | 9.3 |