A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function split_files/apply_delta_low_cpu_mem of the file fastchat/model/apply_delta.py.
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consum
A Denial of Service (DoS) vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. The vulnerability is due to improper handling of form-data with a large filename in the fil
A vulnerability, which was classified as critical, has been found in Xorbits Inference up to 1.4.1. This issue affects the function load of the file xinference/thirdparty/cosyvoice/cli/model.py. The m
In lm-sys/fastchat Release v0.2.36, the server fails to handle excessive characters appended to the end of multipart boundaries. This flaw can be exploited by sending malformed multipart requests with
A vulnerability was found in chatchat-space Langchain-Chatchat up to 0.3.1.3. The affected element is the function _get_file_id of the file libs/chatchat-server/chatchat/server/api_server/openai_route
A vulnerability classified as critical has been found in thu-pacman chitu 0.1.0. This affects the function torch.load of the file chitu/chitu/backend.py. The manipulation of the argument ckpt_path/qua
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the co
A security flaw has been discovered in lmsys sglang 0.4.6. Affected by this vulnerability is the function main of the file /update_weights_from_tensor. The manipulation of the argument serialized_name
A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function load_weight_ckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the compone
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/editField.
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file li
An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. This can be exploited fo
MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table/addField.
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
weak cryptographic algorithms, potentially allowing an attacker to decrypt
communicatio
A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote co
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product supports
old SSL/TLS versions, potentially allowing an attacker to decrypt
communications with t
A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input.
A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/model_merger.py script when using the "fsdp" backend. The script calls torch.load() with weights_only=Fal
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py o
Page 1+ Next →