Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2025/10/28 12:0 a.m.5 views

PT-2025-44214

Name of the Vulnerable Software and Affected Versions PrivateBin versions 1.7.7 through 2.0.1 Description PrivateBin is an online pastebin designed to ensure the server has no knowledge of pasted data. Versions 1.7.7 through 2.0.1 are susceptible to persistent HTML injection. This occurs through ...

5.8CVSS6.6AI score0.00277EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/07/18 11:24 p.m.5 views

SUSE CVE-2025-7338

Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. This request causes an unhandled...

7.5CVSS6.5AI score0.00644EPSS
Exploits0References3
OSV
OSV
added 2025/07/17 9:1 p.m.3 views

GHSA-FJGF-RC76-4X9P Multer vulnerable to Denial of Service via unhandled exception from malformed request

Impact A vulnerability in Multer versions = 1.4.4-lts.1, 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed request. This request causes an unhandled exception, leading to a crash of the process. Patches Users should upgrade to 2.0.2 Workarounds None...

7.5CVSS6.8AI score0.00644EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/29 12:0 a.m.5 views

PT-2025-5572 · Snowflake · Snowflake-Connector-Nodejs

Name of the Vulnerable Software and Affected Versions: snowflake-connector-nodejs versions 1.12.0 through 2.0.1 Description: The issue concerns a vulnerability in the Snowflake NodeJS Driver where file permissions checks of the temporary credential cache could be bypassed by an attacker with writ...

5.5CVSS6.7AI score0.00143EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.4 views

PT-2024-10085 · Drupal · Download All Files

Name of the Vulnerable Software and Affected Versions: Download All Files versions 0.0.0 through 2.0.1 Description: The issue is related to a Missing Authorization vulnerability in the Download All Files module for the Drupal CMS, which allows for Forceful Browsing. This vulnerability can be...

5.3CVSS7.4AI score0.00292EPSS
Exploits0References7
Rows per page
Query Builder