Improper Handling of Length Parameter Inconsistency

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Improper Handling of Length Parameter Inconsistency in the handling of ASGI requests when the Content-Length header is missing or...

CVE-2025-68971

A flaw was found in Forgejo. A remote attacker could exploit this vulnerability in the attachment component by uploading a multi-gigabyte file attachment, such as to an issue or a release. This could lead to a Denial of Service DoS, making the service unavailable to legitimate users...

Forgejo 安全漏洞

Forgejo is a lightweight Git service. Forgejo versions 13.0.3 and earlier have security vulnerabilities; these vulnerabilities stem from the attachment component allowing the upload of files that can exceed several GB in size, which may lead to denial-of-service attacks...

Gokapi 安全漏洞

Gokapi is a lightweight, self-hosted alternative to Firefox sending by Marc Bulling. Versions of Gokapi prior to 2.2.4 contained a security vulnerability, where the path for multipart uploads did not verify the total file size. This vulnerability could allow attackers to upload extremely large...

Linux Distros Unpatched Vulnerability : CVE-2025-11974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowe...

BIT-GITLAB-2025-11974 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

CVE-2025-11974

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

EUVD-2025-35952

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

CVE-2025-11974

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

UBUNTU-CVE-2025-11974

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

CVE-2025-11974 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

CVE-2025-11974

GitLab CVE-2025-11974 affects GitLab CE/EE versions 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1. The issue allows an unauthenticated attacker to cause a denial-of-service by uploading large files to specific API endpoints. Affected releases have been remediated via patches: Git...

CVE-2025-11974

Removed by vendor...

CVE-2025-11974 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.7 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an unauthenticated attacker to create a denial of service condition by uploading large files to specific API endpoints...

EUVD-2017-18000

Malware in sbrugna...

Vulnerabilities fixed in GitLab CE/EE

GitLab has fixed vulnerabilities in GitLab CE/EE Versions for 18.1.6, 18.2.6, and 18.3.2. The vulnerabilities in the affected versions allow authenticated users to manipulate token management, disrupt background tasks, send multiple large SAML responses, manipulate proxy environments, access...

CVE-2025-7337

An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service affecting all users on a GitLab instance by...

CVE-2025-7337 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 7.8 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user with Developer-level access to cause a persistent denial of service affecting all users on a GitLab instance by...

PT-2025-37294

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.8 through 18.1.5 GitLab CE/EE versions 18.2 through 18.2.5 GitLab CE/EE versions 18.3 through 18.3.1 Description: An authenticated user with Developer-level access could cause a persistent denial of service affecting a...

Linux Distros Unpatched Vulnerability : CVE-2017-9061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.5, a cross-site scripting XSS vulnerability exists when attempting to upload very large files, because the error message does not proper...