7 matches found
PT-2026-42679
Name of the Vulnerable Software and Affected Versions NocoDB affected versions not specified Description An issue exists where the upload-by-URL path fails to enforce the NC ATTACHMENT FIELD SIZE limit against the remote file's advertised Content-Length or the decoded length of a data: URI. This...
Exploit for CVE-2026-38361
CVE-2026-38361: Multiple Unauthenticated DoS Vulnerabilities i...
CVE-2026-35602
Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the Vikunja file import endpoint uses the attacker-controlled Size field from the JSON metadata inside the import zip instead of the actual decompressed file content length for the file size enforcement check. By...
CVE-2026-35602
Summary: CVE-2026-35602 affects Vikunja prior to v2.3.0, where the file import endpoint uses the attacker-controlled Size from the JSON metadata instead of the decompressed file length to enforce max file size, allowing an attacker to bypass the limit by setting Size to 0. This leads to potential...
EUVD-2000-0914
Malware in sbrugna...
WordPress plugin WP Optimize By xTraffic 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress WP Optimize By xTraffic that stems from the application not properly validating user-submitted code, which can be exploited b...
Ruby on Rails Code Issues Vulnerabilities
Ruby on Rails is a set of Rails team based on the Ruby language open source Web application framework. A security vulnerability exists in Ruby on Rails versions prior to 5.2.4.2 and 6.0.3.1. An attacker can exploit this vulnerability by modifying the 'Content-Length' field of the file upload URL ...