aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6543 items

CVE-2024-47868: Gradio is an open-source Python package designed for quick prototyping. This is a **data validation vulnerability** affe

highvulnerability
security
Oct 10, 2024
CVE-2024-47868

CVE-2024-47868 is a data validation vulnerability (a flaw in how input data is checked) in Gradio, an open-source Python package for building AI demos. Attackers can exploit certain Gradio components by sending specially crafted requests that bypass input checks, allowing them to read and download sensitive files from a server that shouldn't be accessible. This risk is especially high for components that handle file data, like DownloadButton, Audio, ImageEditor, Chatbot, and others.

Fix: This issue has been resolved in gradio>5.0. Upgrading to the latest version will mitigate this vulnerability. There are no known workarounds for this vulnerability.

NVD/CVE Database

CVE-2024-47867: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is a **lack of integrity chec

highvulnerability
security
Oct 10, 2024
CVE-2024-47867

Gradio, an open-source Python package for prototyping, has a vulnerability where it downloads an FRP client (a tool for secure data tunneling) without checking if the file has been tampered with. An attacker who controls the download server could replace the legitimate FRP client with malicious code, and Gradio wouldn't detect this because it doesn't verify the file's checksum (a unique fingerprint) or signature (a digital seal of authenticity).

CVE-2024-47168: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves data exposure due to

mediumvulnerability
security
Oct 10, 2024
CVE-2024-47168

Gradio, an open-source Python package for building AI interfaces quickly, has a vulnerability where the enable_monitoring flag doesn't actually disable monitoring as intended. Even when a developer sets enable_monitoring=False to turn off monitoring, an attacker can still access sensitive analytics by directly requesting the /monitoring endpoint (a specific web address). This puts applications at risk of exposing data that was supposed to be hidden.

CVE-2024-47167: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **Server-Side Requ

criticalvulnerability
security
Oct 10, 2024
CVE-2024-47167

Gradio, an open-source Python package for building AI demos, has a vulnerability called SSRF (server-side request forgery, where an attacker tricks a server into making requests to URLs the attacker chooses) in its `/queue/join` endpoint. Attackers can exploit this to force the Gradio server to request internal or local network addresses, potentially stealing data or uploading malicious files, especially affecting applications using the Video component. Users should upgrade to Gradio version 5 or later to fix this issue.

CVE-2024-47166: Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a **one-level read p

mediumvulnerability
security
Oct 10, 2024
CVE-2024-47166

Gradio, an open-source Python package for building quick demos, has a vulnerability called path traversal (a method where attackers manipulate file paths to access files outside their intended directory) in its `/custom_component` endpoint. Attackers can exploit this to read and leak source code from custom Gradio components, potentially exposing sensitive code that developers wanted to keep private, particularly affecting those hosting custom components on public servers.

CVE-2024-47165: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to **CORS origin vali

mediumvulnerability
security
Oct 10, 2024
CVE-2024-47165

Gradio, an open-source Python package for building AI demos, has a vulnerability where it incorrectly accepts requests from sources with a null origin (a security boundary used by web browsers). This happens because the `localhost_aliases` variable includes "null" as a valid CORS origin (cross-origin resource sharing, which controls what websites can access a server). Attackers could exploit this to steal sensitive data like login tokens or uploaded files from local Gradio deployments.

CVE-2024-47164: Gradio is an open-source Python package designed for quick prototyping. This vulnerability relates to the **bypass of di

mediumvulnerability
security
Oct 10, 2024
CVE-2024-47164

Gradio, an open-source Python package for building AI demos, has a vulnerability in its directory traversal check function that can be bypassed using special file path sequences (like `..` which means "go up one folder"). This could allow attackers to access files they shouldn't be able to reach, especially when uploading files, though exploiting it is difficult.

CVE-2024-47084: Gradio is an open-source Python package designed for quick prototyping. This vulnerability is related to **CORS origin v

highvulnerability
security
Oct 10, 2024
CVE-2024-47084

Gradio, an open-source Python package for prototyping, has a vulnerability in CORS origin validation (the security check that verifies requests come from trusted websites). When a cookie is present, the server fails to validate the request's origin, allowing attackers to trick users into making unauthorized requests to their local Gradio server, potentially stealing files, authentication tokens, or user data.

CVE-2024-47833: Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine lear

mediumvulnerability
security
Oct 9, 2024
CVE-2024-47833

Taipy, an open-source Python library for building data applications, has a security flaw where session cookies are served without the Secure and HTTPOnly flags (security markers that prevent browsers from sending cookies over unencrypted connections and protect cookies from being accessed by JavaScript code). This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 6.3, indicating medium severity.

CVE-2024-43610: Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view s

highvulnerability
security
Oct 9, 2024
CVE-2024-43610

CVE-2024-43610 is a vulnerability in Microsoft Copilot Studio that allows an unauthenticated attacker to view sensitive information through a network attack. The vulnerability has a CVSS 4.0 severity rating (a 0-10 scale measuring how serious a security flaw is), meaning it poses a moderate risk to affected systems.

CVE-2024-9333: Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited am

mediumvulnerability
security
Oct 2, 2024
CVE-2024-9333

CVE-2024-9333 is a permissions bypass vulnerability in M-Files Connector for Copilot (a tool that integrates M-Files document management with AI assistants) that allows authenticated users (people who have already logged in) to access documents they shouldn't be able to see due to incorrect access control list calculations. The vulnerability has a CVSS score of 5.3 (a 0-10 rating of how severe a vulnerability is), which is rated as medium severity.

CVE-2024-0116: NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing

mediumvulnerability
security
Oct 1, 2024
CVE-2024-0116

CVE-2024-0116 is a vulnerability in NVIDIA Triton Inference Server that allows a user to trigger an out-of-bounds read (accessing memory outside the intended range) by releasing a shared memory region while another part of the program is still using it. A successful attack could cause a denial of service (making the service unavailable), though the severity rating has not yet been officially assigned.

CVE-2024-9277: A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unkno

lowvulnerability
security
Sep 27, 2024
CVE-2024-9277

Langflow up to version 1.0.18 contains a vulnerability in its HTTP POST Request Handler that causes inefficient regular expression complexity (ReDoS, a type of denial-of-service attack where maliciously crafted input makes pattern-matching code run very slowly) when processing the 'remaining_text' argument. The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 5.1 (medium severity) and has been publicly disclosed, though the vendor did not respond to early notification.

CVE-2024-7714: The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls

highvulnerability
security
Sep 27, 2024
CVE-2024-7714EPSS: 23.9%

CVE-2024-7713: The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, al

highvulnerability
security
Sep 27, 2024
CVE-2024-7713

A WordPress plugin called 'AI ChatBot with ChatGPT and Content Generator by AYS' versions before 2.1.0 has a vulnerability where it exposes the OpenAI API key (a secret credential used to access OpenAI's services) in cleartext (unencrypted, readable form), allowing anyone without authentication (login access) to steal it. This vulnerability is tracked as CVE-2024-7713 and was reported on September 27, 2024.

CVE-2024-4099: An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to

lowvulnerability
security
Sep 26, 2024
CVE-2024-4099

CVE-2024-4099 is a vulnerability in GitLab EE (a Git repository management tool) affecting versions 16.0-17.2.7, 17.3-17.3.3, and 17.4-17.4.0 where an AI feature failed to clean up unsanitized input, potentially allowing attackers to perform prompt injection (tricking the AI by hiding instructions in its input). The vulnerability has a CVSS score (a 0-10 severity rating) of 4.0, indicating low to moderate severity.

CVE-2024-45989: Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Act

mediumvulnerability
security
Sep 26, 2024
CVE-2024-45989

Monica AI Assistant desktop application v2.3.0 has a vulnerability where attackers can use prompt injection (tricking an AI by hiding instructions in its input) with a specially crafted image to steal sensitive chat data from the current session and send it to an attacker-controlled server. This flaw allows unauthorized people to access private information from users' conversations.

CVE-2024-6845: The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, a

mediumvulnerability
security
Sep 25, 2024
CVE-2024-6845EPSS: 29.9%

CVE-2024-40442: An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pi

highvulnerability
security
Sep 23, 2024
CVE-2024-40442

CVE-2024-40442 is a privilege escalation vulnerability (a security flaw where an attacker gains higher access levels than they should have) in Doccano v.1.8.4 and its Auto Labeling Pipeline module v.0.1.23. A remote attacker can exploit this weakness by sending a specially crafted REST request (a malicious command sent over the web), which involves improper code injection (inserting malicious code into the system).

CVE-2024-40441: An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pi

mediumvulnerability
security
Sep 23, 2024
CVE-2024-40441

CVE-2024-40441 is a privilege escalation vulnerability (a bug that lets attackers gain higher-level access than they should have) in Doccano v.1.8.4, an open source tool for labeling data to train machine learning models, and its Auto Labeling Pipeline module v.0.1.23. A remote attacker can exploit this by manipulating the model_attribs parameter to escalate their privileges.

Previous272 / 328Next

Fix: There is no direct workaround without upgrading. Users can manually validate the integrity of the downloaded FRP client by implementing checksum or signature verification in their own environment to ensure the binary hasn't been tampered with.

NVD/CVE Database

Fix: Users are advised to upgrade to gradio>=4.44 to address this issue.

NVD/CVE Database

Fix: Upgrade to `gradio>=5`. As a workaround, disable or heavily restrict URL-based inputs to trusted domains only, implement allowlist-based URL validation (where only pre-approved URLs are accepted), and ensure that local or internal network addresses cannot be requested via the `/queue/join` endpoint.

NVD/CVE Database

Fix: Users should upgrade to `gradio>=4.44`. As a workaround, developers can sanitize file paths and ensure that components are not stored in publicly accessible directories.

NVD/CVE Database

Fix: Users are advised to upgrade to gradio>=5.0. As a workaround, users can manually modify the `localhost_aliases` list in their local Gradio deployment to exclude "null" as a valid origin, which will prevent the Gradio server from accepting requests from sandboxed iframes or sources with a null origin.

NVD/CVE Database

Fix: Upgrade to `gradio>=5.0` to address this issue. As a workaround, manually sanitize and normalize file paths in your Gradio deployment before passing them to the `is_in_or_equal` function, ensuring all file paths are properly resolved as absolute paths (complete paths starting from the root) to mitigate the bypass vulnerabilities.

NVD/CVE Database

Fix: Users should upgrade to gradio>4.44. Alternatively, as a workaround, users can manually modify the CustomCORSMiddleware class in their local Gradio server code to bypass the condition that skips CORS validation for requests containing cookies.

NVD/CVE Database

Fix: Upgrade to Taipy release version 4.0.0 or later. According to the source, 'This issue has been addressed in release version 4.0.0 and all users are advised to upgrade.' There are no known workarounds available.

NVD/CVE Database
NVD/CVE Database

Fix: Update M-Files Connector for Copilot to version 24.9.3 or later.

NVD/CVE Database
NVD/CVE Database
NVD/CVE Database

A WordPress plugin called 'AI ChatBot with ChatGPT and Content Generator by AYS' (versions before 2.1.0) has a security flaw where it doesn't properly check who is allowed to perform certain actions. This means someone without a user account can disconnect the plugin from OpenAI (the AI service it relies on), effectively breaking the chatbot. The vulnerable actions include connecting, disconnecting, and saving feedback.

Fix: Update the plugin to version 2.1.0 or later.

NVD/CVE Database
NVD/CVE Database
NVD/CVE Database
NVD/CVE Database

The Chatbot with ChatGPT WordPress plugin before version 2.4.6 has a missing authorization flaw in one of its REST endpoints (a web interface for accessing the plugin's functions), which allows unauthenticated users (anyone without login credentials) to retrieve and decode an OpenAI API key (a secret credential that grants access to OpenAI's services). This vulnerability exposes the API key to attackers.

Fix: Update the Chatbot with ChatGPT WordPress plugin to version 2.4.6 or later.

NVD/CVE Database
NVD/CVE Database
NVD/CVE Database