185 matches found
PYSEC-2017-83
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
UBUNTU-CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
py-Scrapy -- DoS vulnerability
kmike and nramirezuy report: Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage...
CVE-2016-5004
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service resource consumption by decompressing a large file containing zeroes...
Integer overflow
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error...
UBUNTU-CVE-2017-8782
The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is mishandled by listswf, listaction, etc. This occurs because of an integer overflow that leads to a memory allocation error...
CVE-2017-9061
In WordPress before 4.7.5, a cross-site scripting XSS vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename...
UBUNTU-CVE-2017-6819
In WordPress before 4.7.3, there is cross-site request forgery CSRF in Press This wp-admin/includes/class-wp-press-this.php, leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This...
UBUNTU-CVE-2015-8953
fs/overlayfs/copyup.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which allows local users to cause a denial of service dentry reference leak via filesystem operations on a large file in a lower overlayfs layer...
[SECURITY] Fedora 25 Update: filezilla-3.21.0-1.fc25
FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFT P - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...
Add From Server < 3.3.2 - Cross-Site Request Forgery (CSRF)
An attacker can use this issue to add illegal content to the victims server, or add very large files to the victim's server to exhaust the amount of available disk space...
The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.
The vulnerability of the NX-OS network operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor, who operates remotely and has completed the authentication process, to cause service failure by copying large files to the device’s file system...
CVE-2015-4301
Cisco NX-OS on Nexus 9000 devices 11.11c allows remote authenticated users to cause a denial of service device hang via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225...
[SECURITY] Fedora 22 Update: xfsprogs-3.2.2-2.fc22
A set of commands to use the XFS filesystem, including mkfs.xfs. XFS is a high performance journaling filesystem which originated on the SGI IRIX platform. It is completely multi-threaded, can support large files and large filesystems, extended attributes, variable block sizes, is extent based, a...
[SECURITY] Fedora 22 Update: libtiff-4.0.3-20.fc22
The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...
CVE-2014-4792
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service disk consumption by uploading large files...
Code injection
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service disk consumption by uploading large files...
[SECURITY] Fedora 18 Update: filezilla-3.7.3-1.fc18
FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFT P - Cross-platform - Available in many languages - Supports resume and transfer of large files 4GB - Easy to use Site Manager and transfer queue - Dr...