Aimstack Security Vulnerabilities (CVEs)

This critical vulnerability in aimhubio aim allows remote attackers to execute arbitrary code through improper input validation in the RestrictedPytho...

This vulnerability allows attackers to cause denial of service in aimhubio/aim tracking servers by sending oversized websocket messages containing lar...

This CVE describes a denial of service vulnerability in aimhubio/aim version 3.25.0 where an attacker can make the web server unresponsive by tracking...

A stored cross-site scripting (XSS) vulnerability in aimhubio/aim version 3.23.0 allows attackers to inject malicious HTML/JavaScript during the train...

This vulnerability in aimhubio/aim version 3.23.0 allows denial of service attacks due to missing timeout configurations in external server communicat...

This vulnerability allows arbitrary file deletion on systems running the aim tracking server. An attacker can craft a glob-pattern to delete files out...

This vulnerability allows attackers to delete arbitrary files or directories on systems running aimhubio/aim version 3.19.3 through path traversal in ...

This vulnerability in aimhubio/aim version 3.25.0 allows attackers to cause denial of service by exploiting the sshfs-client's lack of timeout setting...

This vulnerability allows attackers to cause denial of service (DoS) by making API requests for large numbers of tracked metrics simultaneously. The A...

A stored cross-site scripting (XSS) vulnerability in aimhubio/aim version 3.19.3 allows attackers to inject malicious scripts into terminal output log...

This CSRF vulnerability in aimhubio/aim allows attackers to trick authenticated users into executing unauthorized actions like deleting runs, updating...

CVE-2021-43775 is a path traversal vulnerability in Aim, an open-source machine learning experiment tracking tool. Attackers can use directory travers...