185 matches found

RedHat Linux
added 2024/07/15 4:19 p.m., 32 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5, AI score 7.1, EPSS 0.91969
Exploits: 1, References: 2
OSV
added 2024/06/14 1:59 p.m., 36 views

RLSA-2024:3346 Important: git-lfs security update

Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)...

CVSS 7.5, AI score 8.1, EPSS 0.91969
Exploits: 1, References: 5
Vulnrichment
added 2024/06/04 2:43 p.m., 32 views

CVE-2024-32871 Pimcore Vulnerable to Flooding Server with Thumbnail files

Pimcore is an Open Source Data & Experience Management Platform. The Pimcore thumbnail generation can be used to flood the server with large files. By changing the file extension or scaling factor of the requested thumbnail, attackers can create files that are much larger in file size than the...

CVSS 7.5, AI score 6.6, EPSS 0.00763
Exploits: 1, References: 3
Rockylinux
added 2024/05/10 2:32 p.m., 41 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Git Large File Storage (LFS) replaces large files such as audio samples, videos...

CVSS 7.5, AI score 7.3, EPSS 0.91969
Exploits: 1
Rockylinux
added 2024/05/09 6:50 p.m., 28 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Git Large File Storage (LFS) replaces large files such as audio samples, videos...

CVSS 7.5, AI score 7.5, EPSS 0.91969
Exploits: 1
RedHat Linux
added 2024/05/07 10:45 a.m., 31 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5, AI score 7.1, EPSS 0.91969
Exploits: 1, References: 5
Fedora
added 2024/04/25 1:37 a.m., 17 views

[SECURITY] Fedora 38 Update: filezilla-3.67.0-1.fc38

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

CVSS 5.9, AI score 5.7, EPSS 0.05773
Exploits: 0
Fedora
added 2024/04/18 1:12 a.m., 23 views

[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

CVSS 5.9, AI score 5.7, EPSS 0.05773
Exploits: 0
Positive Technologies
added 2024/03/21 12:0 a.m., 7 views

PT-2024-18255 · Gradio · Gradio

Name of the Vulnerable Software and Affected Versions: gradio versions prior to 4.19.2 Description: A Cross-Site Request Forgery (CSRF) issue allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an...

CVSS 4.3, AI score 5, EPSS 0.00352
Exploits: 1, References: 15
OSV
added 2024/03/06 10:52 a.m., 24 views

BIT-GIT-LFS-2021-21237 Git LFS can execute a Git binary from the current directory on Windows

Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program would be executed, permitting the attacker to execute arbitrary code. This does not affect Unix...

CVSS 10, AI score 8.9, EPSS 0.82715
Exploits: 14, References: 5
Prion
added 2024/02/29 1:44 a.m., 89 views

Code injection

http-swagger before 1.2.6 allows XSS via PUT requests, because a file that has been uploaded via httpSwagger.WrapHandler and webdav.memFile can subsequently be accessed via a GET request. NOTE: this is independently fixable with respect to CVE-2022-24863, because if a solution continued to allow...

AI score 6, EPSS 0.02333
Exploits: 1, References: 2
OpenVAS
added 2023/12/24 12:0 a.m., 6 views

Fedora: Security Advisory for filezilla (FEDORA-2023-7934efb5e3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0, References: 2
Fedora
added 2023/12/23 4:35 a.m., 22 views

[SECURITY] Fedora 38 Update: filezilla-3.66.4-1.fc38

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

AI score 7.3
Exploits: 0
OSV
added 2023/04/03 7:18 p.m., 15 views

GHSA-33PV-VCGH-JFG9 Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files

Impact A memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A user with access to upload images or documents through the Wagtail admin interface could upload a fi...

CVSS 5.9, AI score 5, EPSS 0.0107
Exploits: 0, References: 11
Cvelist
added 2023/04/03 4:41 p.m., 40 views

CVE-2023-28837 Wagtail vulnerable to denial-of-service via memory exhaustion when uploading large files

Wagtail is an open source content management system built on Django. Prior to versions 4.1.4 and 4.2.2, a memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A use...

CVSS 4.9, AI score 5.4, EPSS 0.0107
Exploits: 0, References: 8
FreeBSD
added 2023/04/03 12:0 a.m., 18 views

py-wagtail -- DoS vulnerability

A memory exhaustion bug exists in Wagtail's handling of uploaded images and documents. For both images and documents, files are loaded into memory during upload for additional processing. A user with access to upload images or documents through the Wagtail admin interface could upload a file so...

CVSS 4.9, AI score 6.8, EPSS 0.0107
Exploits: 0, References: 1
AlpineLinux
added 2023/03/23 8:15 p.m., 34 views

CVE-2023-1289

A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...

CVSS 5.5, AI score 5.4, EPSS 0.00865
Exploits: 1, References: 4
NVD
added 2023/03/08 9:15 p.m., 15 views

CVE-2023-22890

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

CVSS 7.5, AI score 7.4, EPSS 0.00644
Exploits: 0, References: 1
Prion
added 2023/03/08 9:15 p.m., 15 views

Race condition

SmartBear Zephyr Enterprise through 7.15.0 allows unauthenticated users to upload large files, which could exhaust the local drive space, causing a denial of service condition...

CVSS 5, AI score 7.4, EPSS 0.00644
Exploits: 0, References: 1, Affected Software: 1
SUSE CVE
added 2023/02/15 6:12 a.m., 4 views

SUSE CVE-2007-2799

Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an assert statement. NOTE: this issue is due to an...

CVSS 5.1, AI score 8.1, EPSS 0.02702
Exploits: 1, References: 4