repository icon
automatic1111 / stable-diffusion-webui Project repository

Stable Diffusion web UI

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN37 DAYS

FIX

WITHINN/A DAYS

Unsafe deserialization via bare torch.load in Stable Diffusion WebUI model loadi...
etwithin
pending
Unauthenticated Remote Code Execution (RCE) via
ngannk-fptu
pending
Unauthenticated Remote Code Execution (RCE) via
ngannk-fptu
pending
Stable-Diffusion-Webui Remote Code Execution
pyn3rd
self closed
OS Command Injection in Physton/sd-webui-prompt-all-in-one , a extension
kaito7926
pending
Absolute Path Traversal in extension sd-webui-prompt-all-in-one affect
kaito7926
pending
Unsafe Deserialization Leading to Remote Code Execution via Malicious Model File...
sonw-vh
pending
Insecure Seed Generation Enables Prompt Reconstruction via Brute-Forcing a 32bit...
felixmaechtle
pending
sdapi/v1/extra-batch-images : SSRF
2024-scable
informative
High
Server-Side Request Forgery (SSRF) and Local File Inclusion (LFI) in /file endpo...
sonw-vh
duplicate
High
SSRF using DNS rebinding
alfinj0se
pending
local file inclusion
oicu0619
Medium
$50CVE-2024-12375
Denial of service
oicu0619
duplicate
High
open redirect
oicu0619
duplicate
None
Stored XSS
oicu0619
Medium
$50CVE-2024-12374
DoS by Sending Large Filename at File Upload Endpoint
mnqazi
Medium
$50CVE-2024-12074
Cross-Site WebSocket Hijacking (CSWSH) Leading to Cloning of Malicious Server Ex...
mnqazi
Critical
$600CVE-2024-11045
Open Redirect
mnqazi
Medium
$50CVE-2024-11044
Unauthenticated DoS via multipart boundry
mnqazi
High
$300CVE-2024-10935