CVE-2026-25780 Memory Exhaustion via Malformed DOC File Upload

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID:...

SigningHub 安全漏洞

SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version v8.6.8, which stems from allowing the upload of specially crafted PDF files and could lead to the execution of arbitrary code...

PT-2024-26243 · Dootask · Dootask

Name of the Vulnerable Software and Affected Versions: dootask version 0.30.13 Description: The issue allows attackers to execute arbitrary code via uploading a crafted PDF file, exploiting an arbitrary file upload vulnerability. Recommendations: For dootask version 0.30.13, update to a version...

Leantime Systems Leantime 跨站脚本漏洞

Leantime Systems Leantime is an open source project management system based on PHP and MySQL from Leantime Systems. A cross-site scripting vulnerability exists in Leantime version v3.0.6, which originates from a vulnerability that allows an attacker to execute arbitrary code by uploading a crafte...