CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface.

\[CVE ID\]

CVE-2023-41626

\[PRODUCT\]

Gradio

\[VERSION\]

3.27.0

\[PROBLEM TYPE\]

Incorrect Access Control

\[DESCRIPTION\]

Gradio v3.27.0 was discovered to contain an arbitrary file upload,Uploading files to the/tmp directory may result in malicious access to website permissions if there are file containing vulnerabilities in other sites on the server.

\[Reference\]

http://gradio.app

Headline

CVE-2023-41626: gist:590472eb0544ef1ec36c8a5a40122adb

CVE: Latest News