Lucene search
K

52 matches found

CNNVD
CNNVD
added 2026/04/13 12:0 a.m.7 views

Pandora FMS 安全漏洞

Pandora FMS is a monitoring system developed by the American company Pandora FMS. This system provides visual monitoring of networks, servers, virtual infrastructure, and applications. Versions 777 to 800 of Pandora FMS have a security vulnerability; this vulnerability stems from unlimited upload...

8.6CVSS6.2AI score0.00432EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.7 views

Airleader Master 代码问题漏洞

Airleader Master is a management device developed by the American company Airleader, used for managing air compressors. Versions of Airleader Master 6.381 and earlier contained code vulnerabilities due to unlimited file upload capabilities, which could lead to remote code execution...

9.8CVSS7.8AI score0.01207EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.8 views

NTN Smart Panel 代码问题漏洞

NTN Smart Panel is a software for insurance business operations developed by the Turkish company NTN. Versions of NTN Smart Panel prior to 20251215 had code-related vulnerabilities. These vulnerabilities stemmed from unlimited upload of dangerous types of files, which could lead to access to...

9.8CVSS5.8AI score0.00385EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.13 views

Hillstone Operation and Maintenance Security Gateway 安全漏洞

Hillstone Operation and Maintenance Security Gateway is a network operation and maintenance management platform developed by Hillstone Corporation. Version V5.5ST00001B113 of the Hillstone Operation and Maintenance Security Gateway contains a security vulnerability. This vulnerability stems from...

2.7CVSS5.8AI score0.00311EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.10 views

Solvera Teknoera code-related vulnerabilities

Solvera Teknoera is a technology development management software developed by the Turkish company Solvera. Versions of Solvera Teknoera prior to 01102025 contained code vulnerabilities. These vulnerabilities stemmed from unlimited uploading of dangerous types of files, which could lead to file...

8.1CVSS5.9AI score0.00322EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:15 a.m.7 views

CVE-2025-66838

In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. An attacker can exploit this behavior to rapidly upload a large volume of files, potentially leading to resource exhaustio...

6.5CVSS7AI score0.00307EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/15 12:0 a.m.8 views

DouPHP 代码问题漏洞

DouPHP is an enterprise website builder from China DouPHP Company. A code issue vulnerability exists in DouPHP 1.8 Release 20251022 and earlier versions, which stems from the incorrect operation of the parameter File in the file upload/include/file.class.php, which can lead to unlimited uploads...

5.8CVSS5.1AI score0.00232EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25623

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00355EPSS
Exploits0References4
Veracode
Veracode
added 2025/09/19 12:33 p.m.5 views

Denial Of Service (DoS)

Liferay Portal is vulnerable to Denial of Service DoS. The vulnerability is due to insufficient restrictions on file uploads through forms, which are stored in the documentlibrary, allowing an attacker to upload unlimited files and cause a potential DDoS...

6.5CVSS6.7AI score0.00355EPSS
Exploits0References5Affected Software2
Veracode
Veracode
added 2025/09/16 6:19 a.m.6 views

Denial Of Service (DoS)

com.liferay.portal, release.portal.bom are vulnerable to Denial Of Service DoS. The vulnerability is due to allowing unlimited file uploads through object entries attachment fields, which are stored in the documentlibrary, allowing an attacker to cause a potential Denial-of-Service DDoS attack...

6.5CVSS6.8AI score0.00288EPSS
Exploits0References7Affected Software2
RedhatCVE
RedhatCVE
added 2025/08/24 7:26 p.m.7 views

CVE-2025-43762

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

5.3CVSS6.9AI score0.00355EPSS
Exploits0References1
Snyk
Snyk
added 2025/08/22 9:31 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the lack of temporary file deletions in the forms upload field. An attacker can exhaust system resources by uploading an unlimited number of files, potentially leading to...

6.5CVSS7.1AI score0.00355EPSS
Exploits0References2
OSV
OSV
added 2025/08/22 9:31 p.m.5 views

GHSA-84PP-QR92-95C9 Liferay Portal users can upload an unlimited amount of files

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

5.3CVSS5.9AI score0.00355EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/08/22 9:31 p.m.9 views

Liferay Portal users can upload an unlimited amount of files

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

6.5CVSS6.8AI score0.00355EPSS
Exploits0References5Affected Software2
NVD
NVD
added 2025/08/22 7:15 p.m.7 views

CVE-2025-43762

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

6.5CVSS0.00355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/22 6:43 p.m.4 views

CVE-2025-43762

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

5.3CVSS6.3AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/22 6:43 p.m.11 views

CVE-2025-43762

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

5.3CVSS0.00355EPSS
Exploits0References1
CVE
CVE
added 2025/08/22 6:43 p.m.19 views

CVE-2025-43762

CVE-2025-43762 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.1 (also 2024 Qx releases), where forms upload allows an unlimited number of files to be stored in document_library, enabling a potential DDoS. Concrete details available: vulnerable components include form upl...

6.5CVSS6.8AI score0.00355EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2025/08/22 3:30 a.m.6 views

GHSA-QPP6-F3QJ-RGGQ Liferay Portal's Unlimited File Upload Could Result in DoS

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

5.3CVSS6.8AI score0.00288EPSS
Exploits0References7
OSV
OSV
added 2025/08/22 1:16 a.m.4 views

CVE-2025-43752

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

6.5CVSS5.8AI score0.00288EPSS
Exploits0References1
Rows per page
Query Builder