510 matches found

Tenable Nessus
added 2025/08/27 12:0 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2021-21237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file ...

CVSS 10 · AI score 8.4 · EPSS 0.92929
Exploits 14 · References 2

Tenable Nessus
added 2025/08/25 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2017-9061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not proper...

CVSS 6.1 · AI score 6.7 · EPSS 0.03308
Exploits 0 · References 2

Wallarm Lab
added 2025/08/22 11:0 a.m. · 14 views

Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them)

Unrestricted Resource Consumption (API4:2023) is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service (DoS) and resource abuse. But despite being just one category, attackers can exploit it in many different ways; from large file uploads and expensive...

CVSS 9.8 · AI score 10 · EPSS 0.58941
Exploits 7

OSV
added 2025/07/29 1:38 p.m. · 3 views

RLSA-2025:9060 Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 5.4 · AI score 7.9 · EPSS 0.00294
Exploits 0 · References 2

NVD
added 2025/07/26 3:15 p.m. · 2 views

CVE-2025-8203

A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 9.8 · EPSS 0.00165
Exploits 0 · References 4

OSV
added 2025/07/26 3:15 p.m. · 1 views

CVE-2025-8203

A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 9.8 · AI score 5.6
Exploits 0 · References 4

Vulnrichment
added 2025/07/26 2:32 p.m. · 1 views

CVE-2025-8203 Jingmen Zeyou Large File Upload Control index.jsp sql injection

A vulnerability classified as critical has been found in Jingmen Zeyou Large File Upload Control up to 6.3. Affected is an unknown function of the file /index.jsp. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVSS 6.5 · AI score 6.7 · EPSS 0.00165
Exploits 0 · References 4

Positive Technologies
added 2025/07/26 12:0 a.m. · 2 views

PT-2025-30979 · Unknown · Jingmen Zeyou Large File Upload Control

Name of the Vulnerable Software and Affected Versions: Jingmen Zeyou Large File Upload Control versions up to 6.3 Description: A critical issue exists in Jingmen Zeyou Large File Upload Control. The manipulation of the ID parameter in the /index.jsp file leads to SQL injection. This allows for...

CVSS 6.5 · AI score 6.7 · EPSS 0.00165
Exploits 0 · References 8

CNNVD
added 2025/07/26 12:0 a.m. · 1 views

Jingmen Zeyou Large File Upload Control Injection Vulnerability

Jingmen Zeyou Large File Upload Control (Zeyou full-platform file transfer solution) is a secure file transfer and storage platform from Jingmen Zeyou. Jingmen Zeyou Large File Upload Control 6.3 and previous versions have an injection vulnerability. The vulnerability stems from the...

CVSS 9.8 · AI score 7.1 · EPSS 0.00165
Exploits 0 · References 5

Positive Technologies
added 2025/07/21 12:0 a.m. · 2 views

PT-2025-30341 · Starlette +1 · Starlette +1

Name of the Vulnerable Software and Affected Versions: Starlette versions 0.47.1 and below Description: Starlette is a lightweight ASGI framework/toolkit for building async web services in Python. When parsing multi-part forms with large files exceeding the default maximum spool size, Starlette...

CVSS 5.3 · AI score 6.3 · EPSS 0.0025
Exploits 0 · References 20

OSV
added 2025/07/16 2:22 p.m. · 4 views

GHSA-7XQM-7738-642X File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing

Summary: A Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint Filebrowser-Server-IP:PORT/files/file-name. While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations...

CVSS 8.7 · AI score 6.1 · EPSS 0.00907
Exploits 1 · References 4

CNVD
added 2025/07/04 12:0 a.m. · 2 views

Simple Pizza Ordering System large.php file SQL Injection Vulnerability

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter ID of file /large.php. An attacker can exploit this vulnerability to...

CVSS 9.8 · AI score 7.9 · EPSS 0.00277
Exploits 1 · References 1

OSV
added 2025/07/03 12:0 a.m. · 1 views

OPENSUSE-SU-2025:15220-1 git-lfs-3.7.0-1.1 on GA media

These are all security issues fixed in the git-lfs-3.7.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 · AI score 6.8 · EPSS 0.00591
Exploits 0 · References 1

RedHat Linux
added 2025/06/30 1:16 p.m. · 3 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

CVSS 5.5 · AI score 7.3 · EPSS 0.00467
Exploits 1 · References 6

Tenable Nessus
added 2025/06/17 12:0 a.m. · 2 views

RHEL 9 : git-lfs (RHSA-2025:9205)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9205 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...

CVSS 9.1 · AI score 7.2 · EPSS 0.00294
Exploits 0 · References 5

AlmaLinux
added 2025/06/16 12:0 a.m. · 2 views

Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 9.1 · AI score 7.3 · EPSS 0.00294
Exploits 0 · References 4

AlmaLinux
added 2025/06/16 12:0 a.m. · 2 views

Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 9.1 · AI score 8.1 · EPSS 0.00294
Exploits 0 · References 4

OSV
added 2025/06/16 12:0 a.m. · 4 views

ALSA-2025:9060 Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 9.1 · AI score 7.8 · EPSS 0.00294
Exploits 0 · References 4

OSV
added 2025/06/16 12:0 a.m. · 3 views

ALSA-2025:9106 Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 9.1 · AI score 7.8 · EPSS 0.00294
Exploits 0 · References 4

OSV
added 2025/06/16 12:0 a.m. · 3 views

ALSA-2025:9063 Moderate: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)...

CVSS 9.1 · AI score 7.8 · EPSS 0.00294
Exploits 0 · References 4