3 matches found
GHSA-36WV-V2QP-V4G4 Apache CXF is vulnerable to DoS attacks as entire files are read into memory and logged
Apache CXF stores large stream-based messages as temporary files on the local filesystem. A bug was introduced which means that the entire temporary file is read into memory and then logged. An attacker might be able to exploit this to cause a denial of service attack by causing an out of memory...
PT-2022-9638
Name of the Vulnerable Software and Affected Versions: Popup Builder WordPress plugin versions prior to 4.0.7. Description: The issue is related to a Local File Inclusion problem due to the lack of validation and sanitization of the sgpb type parameter, which is used in a require statement. This can...
PT-2021-4536 · Redmine · Redmine
Name of the Vulnerable Software and Affected Versions: Redmine versions 4.0.0 through 4.0.6; Redmine versions 4.1.0 through 4.1.0. Description: The issue is related to stored XSS via textile inline links, which can be exploited by a remote attacker to impact data integrity. The vulnerability is due...