15 matches found
EUVD-2021-0025
Malware in sbrugna...
CVE-2025-24971
DumpDrop is a stupid simple file upload application that provides an interface for dragging and dropping files. An OS Command Injection vulnerability was discovered in the DumbDrop application, /upload/init endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely wh...
CVE-2025-24971 OS Command Injection endpoint '/upload/init' parameter 'filename' (RCE) in DumpDrop
DumpDrop is a stupid simple file upload application that provides an interface for dragging and dropping files. An OS Command Injection vulnerability was discovered in the DumbDrop application, /upload/init endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely wh...
PT-2025-5612 · Dumpdrop · Dumpdrop
Name of the Vulnerable Software and Affected Versions: DumpDrop affected versions not specified Description: The issue is related to an OS Command Injection vulnerability in the DumpDrop application, specifically in the "/upload/init" endpoint. This vulnerability could allow an attacker to execut...
CVE-2021-39229
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
CVE-2021-39229
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
Design/Logic Flaw
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
PYSEC-2021-327
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
PYSEC-2021-327
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
apprise-transactions (=1.0.0) potentially affected by CVE-2021-39229 via apprise (=0.8.5)
apprise PYPI version =0.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on apprise and may be impacted: - apprise-transactions =1.0.0 Source cves: CVE-2021-39229 Source advisory: OSV:PYSEC-2021-327...
CVE-2021-39229 Regular expression deinal of service in apprise
Apprise is an open source library which allows you to send a notification to almost all of the most popular notification services available. In affected versions users who use Apprise granting them access to the IFTTT plugin which just comes out of the box are subject to a denial of service attac...
CVE-2021-39229
CVE-2021-39229 affects the Apprise library via the IFTTT plugin (NotifyIFTTT.py). A denial-of-service vulnerability is caused by an inefficient regular expression, with the vulnerable pattern located at lines 356–359 in the referenced file. The issue was fixed in release 0.9.5.1; if upgrading isn...
GHSA-QHMP-H54X-38QR Apprise vulnerable to regex injection with IFTTT Plugin
Impact Anyone publicly hosting the Apprise library and granting them access to the IFTTT notification service. Patches Update to Apprise v0.9.5.1 bash Install Apprise v0.9.5.1 from PyPI pip install apprise==0.9.5.1 The patch to the problem was performed here. Workarounds Alternatively, if upgradi...
Apprise vulnerable to regex injection with IFTTT Plugin
Impact Anyone publicly hosting the Apprise library and granting them access to the IFTTT notification service. Patches Update to Apprise v0.9.5.1 bash Install Apprise v0.9.5.1 from PyPI pip install apprise==0.9.5.1 The patch to the problem was performed here. Workarounds Alternatively, if upgradi...
Apprise 资源管理错误漏洞
Apprise is used for push notifications on almost all platforms. Apprise suffers from a resource management error vulnerability that allows attackers to conduct ReDoS Regular Expression Denial of Service attacks...