JFrog Security Research
< Back
Software Vulnerabilities
Last Updated On 21 Jul, 2024
- JFSA-2024-001035518H2O Model Deserialization RCECVE-2024-6960highDiscovered ByOri HollanderPublished on 21 Jul, 2024
- JFSA-2024-001035519Guardrails RAIL XXECVE-2024-6961mediumDiscovered ByNatan NehoraiPublished on 21 Jul, 2024
- JFSA-2024-001035320Deep Lake Kaggle dataset command injectionCVE-2024-6507highDiscovered ByNatan NehoraiPublished on 4 Jul, 2024
- JFSA-2024-001034449Vanna prompt injection RCECVE-2024-5565highDiscovered ByNatan NehoraiPublished on 31 May, 2024
- JFSA-2024-001034098libxmljs2 namespaces type confusion RCECVE-2024-34394highDiscovered ByUriya YavnieliPublished on 2 May, 2024
- JFSA-2024-001034097libxmljs2 attrs type confusion RCECVE-2024-34393highDiscovered ByUriya YavnieliPublished on 2 May, 2024
- JFSA-2024-001034096libxmljs namespaces type confusion RCECVE-2024-34392highDiscovered ByUriya YavnieliPublished on 2 May, 2024
- JFSA-2024-001033988libxmljs attrs type confusion RCECVE-2024-34391highDiscovered ByUriya YavnieliPublished on 2 May, 2024
- JFSA-2024-001031292sqlparse stack exhaustion DoSCVE-2024-4340highDiscovered ByUriya YavnieliPublished on 30 Apr, 2024
- JFSA-2024-001028816lollms-webui exposed endpoints DoSCVE-2024-1873highDiscovered ByNaveh RacovskyPublished on 16 Apr, 2024