
185 matches found

OSV
added 2017/09/05 5:29 p.m., 2 views

PYSEC-2017-83

Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

CVSS 7.8, AI score 5.7, EPSS 0.01907
Exploits: 1, References: 3

OSV
added 2017/09/05 5:29 p.m., 11 views

CVE-2017-14158

Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

CVSS 7.5, AI score 7.3
Exploits: 0, References: 2

OSV
added 2017/09/05 5:29 p.m., 1 views

UBUNTU-CVE-2017-14158

Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

CVSS 7.5, AI score 6.9, EPSS 0.01907
Exploits: 1, References: 4

Debian CVE
added 2017/09/05 5:0 p.m., 15 views

CVE-2017-14158

Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...

CVSS 7.8, AI score 7.3, EPSS 0.01907
Exploits: 1

FreeBSD
added 2017/09/05 12:0 a.m., 11 views

py-Scrapy -- DoS vulnerability

kmike and nramirezuy report: Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage...

CVSS 7.8, AI score 6.8, EPSS 0.01907
Exploits: 1, References: 2

OSV
added 2017/06/06 6:29 p.m., 6 views

CVE-2016-5004

The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes...

CVSS 6.5, AI score 6.7, EPSS 0.0644
Exploits: 1, References: 5

Prion
added 2017/05/31 4:29 a.m., 15 views

Integer overflow

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error...

CVSS 4.3, AI score 6.5, EPSS 0.0146
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2017/05/31 4:29 a.m., 2 views

UBUNTU-CVE-2017-8782

The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error...

CVSS 6.5, AI score 7.3, EPSS 0.0146
Exploits: 1, References: 3

Debian CVE
added 2017/05/18 2:0 p.m., 21 views

CVE-2017-9061

In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename...

CVSS 6.1, AI score 1.1, EPSS 0.01925
Exploits: 0

OSV
added 2017/03/12 1:59 a.m., 4 views

UBUNTU-CVE-2017-6819

In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This...

CVSS 6.5, AI score 6.5, EPSS 0.02343
Exploits: 1, References: 7

OSV
added 2016/10/16 9:59 p.m., 2 views

UBUNTU-CVE-2015-8953

fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service (dentry reference leak) via filesystem operations on a large file in a lower overlayfs layer...

CVSS 5.5, AI score 6.8, EPSS 0.00543
Exploits: 1, References: 3

Fedora
added 2016/08/29 8:8 a.m., 15 views

[SECURITY] Fedora 25 Update: filezilla-3.21.0-1.fc25

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...

AI score 0.8
Exploits: 0

WPVulnDB
added 2016/08/08 12:0 a.m., 18 views

Add From Server < 3.3.2 - Cross-Site Request Forgery (CSRF)

An attacker can use this issue to add illegal content to the victim's server, or add very large files to the victim's server to exhaust the amount of available disk space...

CVSS 6.8, AI score 3, EPSS 0.0068
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2015/10/13 12:0 a.m., 5 views

The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.

The vulnerability of the NX-OS network operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor, who operates remotely and has completed the authentication process, to cause service failure by copying large files to the device’s file system...

CVSS 6.8, AI score 5.5, EPSS 0.01742
Exploits: 0, References: 2

Cvelist
added 2015/08/19 3:0 p.m., 29 views

CVE-2015-4301

Cisco NX-OS on Nexus 9000 devices 11.11c allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225...

AI score 6.3, EPSS 0.01742
Exploits: 0, References: 2

Fedora
added 2015/08/12 7:2 a.m., 49 views

[SECURITY] Fedora 22 Update: xfsprogs-3.2.2-2.fc22

A set of commands to use the XFS filesystem, including mkfs.xfs. XFS is a high performance journaling filesystem which originated on the SGI IRIX platform. It is completely multi-threaded, can support large files and large filesystems, extended attributes, variable block sizes, is extent based, a...

CVSS 10, EPSS 0.07532
Exploits: 0

Fedora
added 2015/06/02 3:14 p.m., 34 views

[SECURITY] Fedora 22 Update: libtiff-4.0.3-20.fc22

The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...

CVSS 6.5, AI score 2, EPSS 0.03341
Exploits: 1

NVD
added 2014/09/12 1:55 a.m., 28 views

CVE-2014-4792

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files...

CVSS 4, AI score 6, EPSS 0.01878
Exploits: 0, References: 4

Prion
added 2014/09/12 1:55 a.m., 26 views

Code injection

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files...

CVSS 4, AI score 6.6, EPSS 0.01878
Exploits: 0, References: 4, Affected Software: 1

Fedora
added 2013/09/30 12:48 a.m., 27 views

[SECURITY] Fedora 18 Update: filezilla-3.7.3-1.fc18

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...

CVSS 6.8, AI score 0.8, EPSS 0.03447
Exploits: 4