
7 matches found

EUVD
added 2025/10/03 8:07 p.m. · 8 views

EUVD-2022-6874

Malicious code in bioql PyPI...

6.5 CVSS · 6.5 AI score · 0.01084 EPSS
Exploits 1 · References 5
RedhatCVE
added 2025/05/22 10:13 p.m. · 7 views

CVE-2022-3257

Mattermost version 7.1.x and earlier fails to sufficiently process a specifically crafted GIF file when it is uploaded while drafting a post, which allows authenticated users to cause resource exhaustion while processing the file, resulting in server-side Denial of Service...

6.5 CVSS · 6.5 AI score · 0.01084 EPSS
Exploits 1 · References 1
BDU FSTEC
added 2024/11/06 12:00 a.m. · 6 views

The vulnerability of the image-sharing function in Jitsi Meet software allows a hacker to upload arbitrary GIF files.

The vulnerability of the image-sharing function in Jitsi Meet software for video conferencing involves a lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to upload arbitrary GIF files using giphy...

7.8 CVSS · 5.6 AI score · 0.0052 EPSS
Exploits 0 · References 5 · Affected Software 1
Positive Technologies
added 2022/09/23 12:00 a.m. · 9 views

PT-2022-21380 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 7.1.x and earlier Description: The issue arises when a specifically crafted GIF file is uploaded while drafting a post, allowing authenticated users to cause resource exhaustion during file processing. This results in a...

6.5 CVSS · 6.3 AI score · 0.01084 EPSS
Exploits 1 · References 10
Hacker One
added 2022/06/30 9:41 a.m. · 27 views

Mattermost: DOS: out of memory from gif through upload api

Summary: When sending a specially crafted gif with max dimensions through the upload API, we get Mattermost server to consume more than 4Gbytes of RAM Steps To Reproduce: add details for how we can reproduce the issue 1. Run docker run --name mattermost-preview -d --publish 8065:8065...

4 CVSS · 0.2 AI score · 0.01084 EPSS
Exploits 1
wpexploit
added 2022/04/21 12:00 a.m. · 415 views

VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload

The plugin does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code Edit/add a Characteristics /wp-admin/admin.php?option=comvikbooking&task=carat and upload a fake GIF with PHP code in it as ...

7.2 CVSS · 0.8 AI score · 0.01436 EPSS
Exploits 2
Hacker One
added 2018/02/14 9:13 a.m. · 95 views

X (Formerly Twitter): CVE-2017-15277 on Profile page

Hi security team, Summary: Please refer to 302885 for more details. Uploading a .gif produces significantly different images every time which means the server is leaking information. Steps To Reproduce: 1. Clone https://github.com/neex/gifoeb 2. Generate exploitable gif with ./gifoeb gen 5120x512...

4.3 CVSS · 6.7 AI score · 0.19193 EPSS
Exploits 4