5 matches found
PT-2025-44214
Name of the Vulnerable Software and Affected Versions PrivateBin versions 1.7.7 through 2.0.1 Description PrivateBin is an online pastebin designed to ensure the server has no knowledge of pasted data. Versions 1.7.7 through 2.0.1 are susceptible to persistent HTML injection. This occurs through ...
SUSE CVE-2025-7338
Multer is a node.js middleware for handling multipart/form-data. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed multi-part upload request. This request causes an unhandled...
GHSA-FJGF-RC76-4X9P Multer vulnerable to Denial of Service via unhandled exception from malformed request
Impact A vulnerability in Multer versions = 1.4.4-lts.1, 2.0.2 allows an attacker to trigger a Denial of Service DoS by sending a malformed request. This request causes an unhandled exception, leading to a crash of the process. Patches Users should upgrade to 2.0.2 Workarounds None...
PT-2025-5572 · Snowflake · Snowflake-Connector-Nodejs
Name of the Vulnerable Software and Affected Versions: snowflake-connector-nodejs versions 1.12.0 through 2.0.1 Description: The issue concerns a vulnerability in the Snowflake NodeJS Driver where file permissions checks of the temporary credential cache could be bypassed by an attacker with writ...
PT-2024-10085 · Drupal · Download All Files
Name of the Vulnerable Software and Affected Versions: Download All Files versions 0.0.0 through 2.0.1 Description: The issue is related to a Missing Authorization vulnerability in the Download All Files module for the Drupal CMS, which allows for Forceful Browsing. This vulnerability can be...