aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

AI & LLM Vulnerabilities

Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.

to
Export CSV
2170 items

CVE-2023-32676: Autolab is a course management service that enables auto-graded programming assignments. A Tar slip vulnerability was fo

mediumvulnerability
security
May 26, 2023
CVE-2023-32676

Autolab, a service that automatically grades programming assignments in courses, has a tar slip vulnerability (a flaw where extracted files can be placed outside their intended directory) in its assessment installation feature. An attacker with instructor permissions could upload a specially crafted tar file (a compressed archive format) with file paths like `../../../../tmp/tarslipped1.sh` to place files anywhere on the system when the form is submitted.

Fix: Upgrade to version 2.11.0 or later.

NVD/CVE Database

CVE-2023-2800: Insecure Temporary File in GitHub repository huggingface/transformers prior to 4.30.0.

mediumvulnerability
security
May 18, 2023
CVE-2023-2800

CVE-2023-2800 is a vulnerability in the Hugging Face Transformers library (a popular tool for working with AI language models) prior to version 4.30.0 that involves insecure temporary files (CWE-377, a weakness where temporary files are created in ways that attackers could exploit). The vulnerability was discovered and reported through the huntr.dev bug bounty platform.

CVE-2023-2780: Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1.

criticalvulnerability
security
May 17, 2023
CVE-2023-2780EPSS: 87.8%

MLflow (a tool for managing machine learning experiments) versions before 2.3.1 contain a path traversal vulnerability (CWE-29, a weakness where attackers can access files outside intended directories by using special characters like '..\'). This vulnerability could allow an attacker to read or manipulate files they shouldn't have access to.

CVE-2023-30172: A directory traversal vulnerability in the /get-artifact API method of the mlflow platform up to v2.0.1 allows attackers

highvulnerability
security
May 11, 2023
CVE-2023-30172

CVE-2023-30172 is a directory traversal vulnerability (a flaw where attackers can access files outside the intended folder by manipulating file paths) in the /get-artifact API method of MLflow platform versions up to v2.0.1. Attackers can exploit the path parameter to read arbitrary files stored on the server.

CVE-2023-1651: The AI ChatBot WordPress plugin before 4.4.9 does not have authorisation and CSRF in the AJAX action responsible to upda

mediumvulnerability
security
May 8, 2023
CVE-2023-1651

The AI ChatBot WordPress plugin before version 4.4.9 has two security flaws in its code that handles OpenAI settings. First, it lacks authorization checks (meaning it doesn't verify who should be allowed to make changes), allowing even low-privilege users like subscribers to modify settings. Second, it's vulnerable to CSRF (cross-site request forgery, where an attacker tricks a logged-in user into making unwanted changes) and stored XSS (cross-site scripting, where malicious code gets saved and runs when others view the page).

CVE-2023-2356: Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.

highvulnerability
security
Apr 28, 2023
CVE-2023-2356EPSS: 90.5%

CVE-2023-2356 is a relative path traversal vulnerability (a flaw that lets attackers access files outside their intended directory by manipulating file paths) found in MLflow versions before 2.3.1. This weakness could allow attackers to read or access files they shouldn't be able to reach on systems running the affected software.

CVE-2023-30444: IBM Watson Machine Learning on Cloud Pak for Data 4.0 and 4.5 is vulnerable to server-side request forgery (SSRF). This

highvulnerability
security
Apr 27, 2023
CVE-2023-30444

IBM Watson Machine Learning on Cloud Pak for Data versions 4.0 and 4.5 has a vulnerability called SSRF (server-side request forgery, where an attacker tricks the system into making unauthorized network requests on their behalf). An authenticated attacker could exploit this to discover network details or launch other attacks.

CVE-2023-30620: mindsdb is a Machine Learning platform to help developers build AI solutions. In affected versions an unsafe extraction

highvulnerability
security
Apr 21, 2023
CVE-2023-30620

MindsDB, a platform for building AI solutions, has a vulnerability in older versions where it unsafely extracts files from remote archives using `tarfile.extractall()` (a Python function that unpacks compressed files). An attacker could exploit this to overwrite any file that the server can access, similar to known attacks called TarSlip or ZipSlip (path traversal attacks, where files are extracted to unexpected locations).

CVE-2023-28312: Azure Machine Learning Information Disclosure Vulnerability

mediumvulnerability
security
Apr 11, 2023
CVE-2023-28312

CVE-2023-28312 is an information disclosure vulnerability in Azure Machine Learning, meaning unauthorized people could access sensitive data they shouldn't be able to see. The vulnerability involves improper access control (CWE-284, a weakness where the system doesn't properly check who is allowed to access what), and it was reported by Microsoft.

CVE-2023-29374: In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via

criticalvulnerability
security
Apr 5, 2023
CVE-2023-29374

CVE-2023-29374 is a vulnerability in LangChain versions up to 0.0.131 where the LLMMathChain component is vulnerable to prompt injection attacks (tricking an AI by hiding instructions in its input), allowing attackers to execute arbitrary code through Python's exec method. This is a code execution vulnerability that could allow an attacker to run malicious commands on a system running the affected software.

CVE-2022-23522: MindsDB is an open source machine learning platform. An unsafe extraction is being performed using `shutil.unpack_archiv

highvulnerability
security
Mar 30, 2023
CVE-2022-23522

MindsDB, an open source machine learning platform, has a vulnerability where it unsafely unpacks tar files (compressed archives) using a function that doesn't check if extracted files stay in the intended folder. An attacker could create a malicious tar file with a specially crafted filename (like `../../../../etc/passwd`) that tricks the system into writing files to sensitive system locations, potentially overwriting important system files on the server running MindsDB.

CVE-2023-25661: TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a

mediumvulnerability
security
Mar 27, 2023
CVE-2023-25661

TensorFlow (an open-source machine learning framework) versions before 2.11.1 have a bug where a malicious invalid input can crash a model and trigger a denial of service attack (making a service unavailable by overwhelming it). The vulnerability exists in the Convolution3DTranspose function, which is commonly used in modern neural networks, and could be exploited if an attacker can send input to this function.

CVE-2023-28858: redis-py before 4.5.3 leaves a connection open after canceling an async Redis command at an inopportune time, and can se

lowvulnerability
security
Mar 26, 2023
CVE-2023-28858

CVE-2023-28858 is a bug in redis-py (a Python library for connecting to Redis databases) versions before 4.5.3 where canceling an async command at the wrong moment leaves a connection open and can accidentally send response data from one request to a completely different client, due to an off-by-one error (miscounting by one position in the data stream).

CVE-2023-27579: TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a paramater `fil

highvulnerability
security
Mar 25, 2023
CVE-2023-27579

TensorFlow, an open-source machine learning platform, has a bug where creating a tflite model (a lightweight version of a machine learning model for mobile devices) with a filter_input_channel parameter set to less than 1 causes an FPE (floating-point exception, a math error that crashes the program). This vulnerability stems from an incorrect comparison in the code.

CVE-2023-25801: TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool

highvulnerability
security
Mar 25, 2023
CVE-2023-25801

TensorFlow, an open source machine learning platform, had a bug in two pooling functions (`nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2`) that required certain parameters to equal 1.0 because pooling on batch and channel dimensions (the different ways data is organized in the neural network) was not supported. This vulnerability was fixed in TensorFlow versions 2.12.0 and 2.11.1.

CVE-2023-25676: TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.r

highvulnerability
security
Mar 25, 2023
CVE-2023-25676

TensorFlow, an open source machine learning platform, has a bug in versions before 2.12.0 and 2.11.1 where the `tf.raw_ops.ParallelConcat` function crashes due to a null pointer dereference (trying to use a memory location that hasn't been set) when given a `shape` parameter with rank (dimensionality) of zero or less. This crash makes the program stop working unexpectedly.

CVE-2023-25675: TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.r

highvulnerability
security
Mar 25, 2023
CVE-2023-25675

TensorFlow, an open source machine learning platform, has a bug in versions before 2.12.0 and 2.11.1 where the `tf.raw_ops.Bincount` function crashes when given a `weights` parameter that doesn't match the shape of the `arr` parameter or isn't a length-0 tensor (a parameter with zero elements). This crash only happens when XLA (accelerated linear algebra, a compiler for machine learning) is enabled.

CVE-2023-25674: TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in

highvulnerability
security
Mar 25, 2023
CVE-2023-25674

TensorFlow, an open source machine learning platform, has a null pointer error (a crash caused by the program trying to access memory that doesn't exist) in its RandomShuffle function when XLA (a compiler for machine learning) is enabled in versions before 2.12.0 and 2.11.1. This vulnerability has been assigned CVE-2023-25674.

CVE-2023-25673: TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Ex

highvulnerability
security
Mar 25, 2023
CVE-2023-25673

TensorFlow (an open source machine learning platform) versions before 2.12.0 and 2.11.1 have a Floating Point Exception bug in TensorListSplit with XLA (a compiler that speeds up machine learning computations). This bug could cause the program to crash when certain operations are performed.

CVE-2023-25672: TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle

highvulnerability
security
Mar 25, 2023
CVE-2023-25672

TensorFlow, an open source platform for machine learning, has a bug in the `tf.raw_ops.LookupTableImportV2` function where it cannot properly handle scalar values (single values, not arrays) in the `values` parameter, causing an NPE (null pointer exception, when the program tries to use a value that doesn't exist). This is a type of vulnerability called NULL Pointer Dereference (CWE-476).

Previous85 / 109Next

Fix: Update to version 4.30.0 or later. A patch is available at https://github.com/huggingface/transformers/commit/80ca92470938bbcc348e2d9cf4734c7c25cb1c43.

NVD/CVE Database

Fix: Update MLflow to version 2.3.1 or later. A patch is available at https://github.com/mlflow/mlflow/commit/fae77a525dd908c56d6204a4cef1c1c75b4e9857.

NVD/CVE Database
NVD/CVE Database

Fix: Update the AI ChatBot WordPress plugin to version 4.4.9 or later.

NVD/CVE Database

Fix: Update MLflow to version 2.3.1 or later. A patch is available at https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342.

NVD/CVE Database
NVD/CVE Database

Fix: Upgrade to release 23.2.1.0 or later. The source explicitly states 'There are no known workarounds for this vulnerability,' so updating is the only mitigation mentioned.

NVD/CVE Database
NVD/CVE Database

Fix: A patch is available at https://github.com/hwchase17/langchain/pull/1119

NVD/CVE Database

Fix: This issue has been addressed in version 22.11.4.3. Users are advised to upgrade. Users unable to upgrade should avoid ingesting archives from untrusted sources.

NVD/CVE Database

Fix: Upgrade to TensorFlow version 2.11.1 or later. The source states there are no known workarounds for this vulnerability.

NVD/CVE Database

Fix: Update redis-py to version 4.3.6, 4.4.3, or 4.5.3 or later. The patches are available in the official repository at https://github.com/redis/redis-py/ for each version.

NVD/CVE Database

Fix: The issue has been patched in TensorFlow version 2.12. TensorFlow will also apply the fix to version 2.11.1. Users can reference the patch commit at https://github.com/tensorflow/tensorflow/commit/34f8368c535253f5c9cb3a303297743b62442aaa.

NVD/CVE Database

Fix: Update to TensorFlow version 2.12.0 or 2.11.1, which include the fix for this vulnerability.

NVD/CVE Database

Fix: Update TensorFlow to version 2.12.0 or 2.11.1 or later, which contain the fix for this vulnerability.

NVD/CVE Database

Fix: Update to TensorFlow version 2.12.0 or 2.11.1, which include a fix for this issue.

NVD/CVE Database

Fix: Update TensorFlow to version 2.12.0 or 2.11.1, which include the fix for this null pointer error.

NVD/CVE Database

Fix: Update to TensorFlow version 2.12.0 or version 2.11.1, where the fix is included.

NVD/CVE Database

Fix: A fix is included in TensorFlow version 2.12.0 and version 2.11.1. Users can also reference the patch at https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69.

NVD/CVE Database