510 matches found
GitLab Access Control Error Vulnerability (CNVD-2020-19599)
GitLab is a self-hosted Git repository management application, developed in Ruby on Rails by the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions prior ...
UBUNTU-CVE-2020-10081
GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS import process could potentially be used to incorrectly access LFS objects not owned by the user...
Cisco Adaptive Security Appliance Software Code Issue Vulnerability
Cisco Adaptive Security Appliance (ASA) Software is a firewall and network security platform from the U.S. company Cisco. The platform provides highly secure access to data and network resources and other features. A code issue vulnerability exists in the Secure Copy (SCP)...
DEBIAN-CVE-2012-6122
Buffer overflow in the thread scheduler in Chicken before 4.8.0.1 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value...
UBUNTU-CVE-2013-2075
Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allow attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. NOTE: this issue exists because of an incomplete fix for...
CVE-2019-12693
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit...
PT-2019-3616 · Cisco · Cisco Asa
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified). Description: A vulnerability in the Secure Copy (SCP) feature could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The issue is...
PT-2019-9294 · Tcpdump +4 · Libpcap +5
Name of the Vulnerable Software and Affected Versions: tcpdump versions prior to 4.99.0; tcpdump versions prior to 4.9.3. Description: The issue is related to a buffer overflow in the command-line argument parser of tcpdump, specifically in the read_infile function in tcpdump.c. This can be trigger...
CVE-2016-10914
The add-from-server plugin before 3.3.2 for WordPress has CSRF for importing a large file...
[SECURITY] Fedora 29 Update: filezilla-3.43.0-1.fc29
FileZilla is an FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files >4GB - Easy to use Site Manager and transfer queue - Dr...
PT-2019-6872 · Chicken +1 · Chicken +1
Name of the Vulnerable Software and Affected Versions: Chicken versions prior to 4.8.0.3. Description: The issue is caused by multiple buffer overflows in certain procedures, including char-ready, tcp-accept-ready, and file-select. This allows attackers to cause a denial of service by opening a fi...
PT-2019-6810 · Chicken +1 · Chicken +1
Name of the Vulnerable Software and Affected Versions: Chicken versions prior to 4.8.0.1. Description: The issue is related to a buffer overflow in the thread scheduler, which can be triggered by opening a file descriptor with a large integer value. This can cause a denial of service, resulting in...
[SECURITY] Fedora 29 Update: filezilla-3.41.2-1.fc29
FileZilla is an FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files >4GB - Easy to use Site Manager and transfer queue - Dr...
Multi Gather Ubiquiti UniFi Controller Backup
On a Ubiquiti UniFi controller, reads the system.properties configuration file and downloads the backup and autobackup files. The files are then decrypted using a known encryption key, and a repair is then attempted with zip. Meterpreter must be used due to the large file sizes, which can be flaky ...
CVE-2017-17831
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...
CVE-2016-5004
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes...
IBM Daeja ViewONE Denial of Service Vulnerability
IBM Daeja ViewONE is a document viewer from IBM that supports TIFF, PDF, and Office-based documents. IBM Daeja ViewONE Virtual, Daeja ViewONE Standard, and Daeja ViewONE Professional are different...
Denial of service
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852...
CVE-2017-1212
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852...
DEBIAN-CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...