Lucene search
+L

5 matches found

OSV
OSV
added 2026/07/10 1:57 p.m.5 views

CVE-2026-56309 Capgo - Plan Bypass via Unrestricted Attachment Upload Endpoint

Capgo before 12.128.2 fails to enforce plan/quota restrictions on the /files/upload/attachments endpoint, allowing plan-blocked apps to create publicly readable R2 objects. Attackers can upload arbitrary attachments using upload-scoped API keys that bypass plan checks, persist outside normal bund...

5.3CVSS6.2AI score0.00259EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-19281

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00566EPSS
Exploits0References1
Prion
Prion
added 2024/01/12 9:15 p.m.19 views

Design/Logic Flaw

Discourse is a platform for community discussion. For fields that are client editable, limits on sizes are not imposed. This allows a malicious actor to cause a Discourse instance to use excessive disk space and also often excessive bandwidth. The issue is patched 3.1.4 and 3.2.0.beta4...

4CVSS7AI score0.00566EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.6 views

Discourse 资源管理错误漏洞

Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. A resource management error vulnerability exists in Discourse, which stems from an unimposed size limit on client-side editable fields, and can be exploited by an...

4.3CVSS6.8AI score0.00566EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2011/08/29 9:59 a.m.3 views

DDoS Attack Using Google Plus Servers

A Security expert at Italian security firm AIR Sicurezza Informatica has claimed that Google's servers vulnerability allows a hacker to exploit the search giant's bandwidth to launch a distributed denial-of-service DDoS attack on any targeted server. On the IHTeam Security Blog , the author of th...

7AI score
Exploits0
Rows per page
Query Builder