7 matches found
EUVD-2022-6874
Malicious code in bioql PyPI...
CVE-2022-3257
Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service...
The vulnerability of the image-sharing function in Jitsi Meet software allows a hacker to upload arbitrary GIF files.
The vulnerability of the image-sharing function in Jitsi Meet software for video conferencing involves a lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to upload arbitrary GIF files using giphy...
PT-2022-21380 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 7.1.x and earlier
Description: The issue arises when a specifically crafted GIF file is uploaded while drafting a post, allowing authenticated users to cause resource exhaustion during file processing. This results in a...
Mattermost: DOS: out of memory from gif through upload api
Summary: When sending a specially crafted gif with max dimensions through the upload API, we get Mattermost server to consume more than 4Gbytes of RAM
Steps To Reproduce: add details for how we can reproduce the issue
1. Run docker run --name mattermost-preview -d --publish 8065:8065...
VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload
The plugin does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code.
Edit/add a Characteristics /wp-admin/admin.php?option=comvikbooking&task=carat and upload a fake GIF with PHP code in it as ...
X (Formerly Twitter): CVE-2017-15277 on Profile page
Hi security team,
Summary: Please refer to 302885 for more details. Uploading a .gif produces significantly different images every time which means the server is leaking information.
Steps To Reproduce:
1. Clone https://github.com/neex/gifoeb
2. Generate exploitable gif with ./gifoeb gen 5120x512...