The version of Gradio installed on the remote host is prior to 4.19.2. It is, therefore, affected by a Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio which allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete the system's disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An Gradio Python library is installed on the remote host. 

Note that Nessus has relied upon on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.13.0. It is, therefore, affected by a local file access vulnerability. An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.19.2. It is, therefore, affected by a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.18.0. It is, therefore, affected by an SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.42.0. It is, therefore, affected by a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resources and sensitive information.

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a Denial-of-Service (DoS) vulnerability in the `SitemapLoader` class. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the current sitemap itself. This oversight allows for the possibility of an infinite loop, leading to a crash by exceeding the maximum recursion depth in Python. This vulnerability can be exploited to occupy server socket/port resources and crash the Python process, impacting the availability of services relying on this functionality.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a   path traversal vulnerability which exists in the `getFullPath` method. This vulnerability allows attackers   to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete   files. The vulnerability is exploited through the `setFileContent`,  `getParsedFile`, and `mdelete`   methods, which do not properly sanitize user input.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.35. It is, therefore, affected by a XML External Entity (XXE) vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory resources, leading to a denial of service (DoS).

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.0.27. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability in the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the component TFIDFRetriever. 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a vulnerability in the GraphCypherQAChain class which allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.0. It is, therefore, affected by a SSRF vulnerability.  An attacker in control of the contents of 'https://example.com' could place a malicious HTML file in there with links like 'https://example.completely.different/my_file.html' and the crawler would proceed to download that file as well even though `prevent_outside=True`.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.9. It is, therefore, affected by a deserialization vulnerability in the FAISS.deserialize_from_bytes function. This can lead to the execution of arbitrary commands via the os.system function.

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.5. It is, therefore, affected by a Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a prompt injection vulnerability in the GraphCypherQAChain class which leads to SQL injection. This vulnerability permits unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.1. It is, therefore, affected by a denial of service (DoS) vulnerability exists in zenml-io/zenml version due to improper handling of line feed (`\n`) characters in component names. When a low-privileged user adds a component through the API endpoint `api/v1/workspaces/default/components` with a name containing a `\n` character, it leads to uncontrolled resource consumption. This vulnerability results in the inability of users to add new components in certain categories (e.g., 'Image Builder') and to register new stacks through the UI, thereby degrading the user experience and potentially rendering the ZenML Dashboard unusable. The issue does not affect component addition through the Web UI, as `\n` characters are properly escaped in that context. The vulnerability was tested on ZenML running in Docker, and it was observed in both Firefox and Chrome browsers. The project maintainers disputed the exposure with NVD and claim it is only a QA bug.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.0. It is, therefore, affected by an account takeover exposure due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the absence of rate-limiting on the '/api/v1/current-user' endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by a vulnerability which allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim's ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.55.5. It is, therefore, affected by a race condition vulnerability which allows for the creation of multiple users with the same username when requests are sent in parallel. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, where it could lead to further complications.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by a clickjacking vulnerability due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.2. It is, therefore, affected by An improper authorization vulnerability exists in the API /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify the information of other users, including changing the `active` status of user accounts to false, effectively deactivating them. The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.1. It is, therefore, affected by a     A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by an improper authentication mechanisms. An attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.55.5. It is, therefore, affected by an arbitrary file upload vulnerability in the load function at /materializers/cloudpickle_materializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.2. It is, therefore, affected by a stored Cross-Site Scripting (XSS) vulnerability was identified within the 'logo_url' field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts. The impact of exploiting this vulnerability could lead to user account compromise.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the Pandas library installed on the remote host has an unpatched exposure. It is, therefore, affected by a code injection vulnerability in the pandas.DataFrame.query function.  The function is intended to allow querying the columns of a DataFrame using a boolean expression. A malicious attacker can constructs a malicious query to bypass input validation mechanisms and trigger a code injection vulnerability which can lead to command execution if the code passes untrusted input into self.eval().

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An arbitrary file overwrite vulnerability exists in H2O-3. The endpoint that allows for exporting models & does not limit where models can be exported to. As such an attacker can export a model to any file in the server file structure, overwriting it, by simply using the force flag.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors. (CVE-2024-45758)

A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
(CVE-2024-8862)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Intel Neural Compressor installed on the remote host is prior to 3.0. It is, therefore, affected by the following:

  - Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel Neural     Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of     privilege via adjacent access. (CVE-2024-39368)

  - Improper input validation in some Intel Neural Compressor software before version v3.0 may allow an     unauthenticated user to potentially enable escalation of privilege via adjacent access. (CVE-2024-28028)

  - Improper neutralization of special elements used in SQL command in some Intel Neural Compressor software before     version v3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
    (CVE-2024-39766)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the LightGBM library installed on the remote host is prior to 4.6.0. It is, therefore, affected by a remote code execution vulnerability.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the torchgeo Python library installed on the remote host is prior to 0.6.1. It is, therefore, affected by a remote code execution vulnerability. The usage of 'eval()' in torchgeo's 'get_weight()' API function could allow an unauthenticated, remote attacker to execute arbitrary commands.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Ollama installed on the remote host is prior to 0.1.46. It is, therefore, affected by multiple vulnerabilities:

  - An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF     file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that     includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application     through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).
    (CVE-2024-39720)

  - An issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on which it is     deployed via path traversal in the api/push route. (CVE-2024-39722)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Ollama installed on the remote host is prior to 0.1.34. It is, therefore, affected by a denial-of-service vulnerability:

  - An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until     completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing     the goroutine to run infinitely (even after the HTTP request is aborted by the client). 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of NumPy installed on the remote host is prior to 1.22.2. It is, therefore, affected by a Null Pointer Dereference vulnerability exists in numpy.sort in NumPy prior to 1.22.2 in the PyArray_DescrNew function due to missing return-value validation, which allows attackers to conduct DoS attacks by repetitively creating sort arrays. NOTE: While correct that validation is missing, an error can only occur due to an exhaustion of memory. If the user can exhaust memory, they are already privileged. Further, it should be practically impossible to construct an attack which can target the memory exhaustion to occur at exactly this place

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of NumPy installed on the remote host is prior to 1.21.0. It is, therefore, affected by a Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of NumPy installed on the remote host is prior to 1.22.0. It is, therefore, affected by an incomplete string comparison vulnerability in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is completely harmless.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of NumPy installed on the remote host is prior to 1.19. It is, therefore, affected by a   Buffer overflow vulnerability in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to   conduct a Denial of Service attacks by carefully constructing an array with negative values. The vendor   does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged   user (or internally).

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'Forge.OpenAI' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'Tiktoken' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'Betalgo.OpenAI' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has an artificial intelligence NuGet package 'emgu.cv' is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'Azure.AI.OpenAI' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'OpenAI' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host has a 'BotSharp.Core' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Ollama installed on the remote host is prior to 0.3.13. It is, therefore, affected by a remote code execution vulnerability. Ollama before 0.3.13 has a ZipSlip vulnerability that could allow an attacker to write arbitrary files to the file system. Therefore, an attacker can achieve remote code execution by creating /etc/ld.so.preload and vuln.so through a malicious zip file (application/zip).

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host contains a langchain version that is prior to 0.2.4. It is, therefore, affected by a vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain which allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the os.system function.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host contains a langchain version that is prior to 0.2.9. It is, therefore, affected by a Server-Side Request Forgery vulnerability in the Web Research Retriever component in langchain-community (langchain-community.retrievers.web_research.WebResearchRetriever). The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

A DeepSpeed Python library is installed on the remote host. 

Note that Nessus has relied upon on the application's self-reported version number.

The remote host contains a DeepSpeedserve version that is prior to  0.15.1. It is, therefore, affected by an arbitrary code execution vulnerability. 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
213711	Gradio < 4.19.2 CSRF	medium
213710	Gradio Detection	info
213709	Gradio < 4.13.0 Local File Access	high
213708	Gradio < 4.19.2 Vulnerability - CVE-2024-1728	high
213707	Gradio < 4.18.0 Vulnerability - CVE-2024-2206	high
213706	Gradio < 4.42.0 SSRF	medium
213567	LangChain < 0.2.5 DoS	medium
213566	LangChain < 0.2.5 Arbitrary File Write	critical
213565	LangChain < 0.1.35 XXE	medium
213564	LangChain < 0.0.27 SSRF	medium
213563	LangChain < 0.2.5 SQLi through Prompt Injection	critical
213562	LangChain < 0.1.0 SSRF	low
213561	LangChain < 0.2.9 Vulnerability - CVE-2024-5998	medium
213560	LangChain < 0.1.5 SSRF	high
213559	LangChain < 0.2.5 SQLi through Prompt Injection	critical
213485	ZenML < 0.57.1 DoS (CVE-2024-4460)	medium
213484	ZenML < 0.57.0 Password Reset Brute Force (CVE-2024-4311)	medium
213483	ZenML < 0.56.3 Unpatched Session Expiration Exposure (CVE-2024-4680)	high
213482	ZenML < 0.55.5 Vulnerability - CVE-2024-2032	low
213481	ZenML < 0.56.3 Vulnerability - CVE-2024-2383	medium
213480	ZenML < 0.56.2 Vulnerability - CVE-2024-2035	medium
213479	ZenML < 0.58.0 XSS	medium
213478	ZenML < 0.56.3 Vulnerability - CVE-2024-2213	low
213477	ZenML < 0.55.5 Arbitrary File Upload	high
213476	ZenML < 0.56.2 Vulnerability - CVE-2024-2171	medium
213084	Pandas DataFrame.query Code Injection (Unpatched)	high
213042	H2O-3 Arbitrary File Overwrite (CVE-2024-6854)	critical
213041	H2O-3 Multiple Deserialization Vulnerabilities	critical
211955	Intel Neural Compressor < 3.0 Multiple Vulnerabilities	high
211682	LightGBM < 4.6.0 RCE	high
211464	torchgeo Python Library < 0.6.1 RCE	high
210769	MLflow < 2.9.2 Path Traversal Vulnerability	high
210502	Ollama < 0.1.46 Multiple Vulnerabilities	high
210501	Ollama < 0.1.34 DoS	high
210057	NumPy < 1.22.2 Null Pointer Dereference	medium
210056	NumPy 1.9.x < 1.21.0 Buffer Overflow	medium
210055	NumPy < 1.22.0 Vulnerability - CVE-2021-34141	medium
210054	NumPy < 1.19 DoS	medium
209670	NuGet Package 'Forge.OpenAI' Detection	info
209669	NuGet Package 'Tiktoken' Detection	info
209668	NuGet Package 'Betalgo.OpenAI' Detection	info
209667	NuGet Paemgu'emgu.cv' Detection	info
209666	NuGet Package 'Azure.AI.OpenAI' Detection	info
209665	NuGet Package 'OpenAI' Detection	info
209664	NuGet Package 'BotSharp.Core' Detection	info
209520	Ollama < 0.3.13 RCE	critical
209519	LangChain < 0.2.4 RCE	medium
209518	LangChain < 0.2.9 SSRF	high
208299	DeepSpeed Detection	info
208297	DeepSpeed < 0.15.1 Command Injection	high

Detections

Analytics

Artificial Intelligence Family for Nessus

medium

info

high

high

high

medium

medium

critical

medium

medium

critical

low

medium

high

critical

medium

medium

high

low

medium

medium

medium

low

high

medium

high

critical

critical

high

high

high

high

high

high

medium

medium

medium

medium

info

info

info

info

info

info

info

critical

medium

high

info

high