@baloise/design-system-components (>=0.0.0 <=15.2.4), @baloise/design-system-components-angular (>=0.0.0 <=15.2.4) +33 more potentially affected by unknown CVE via filesize.js (=2.0.0)

filesize.js NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on filesize.js and may be impacted: - @baloise/design-system-components =0.0.0, =0.0.0, =0.0.0, =0.0.0-nightly-20230817143308, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0,...

CVE-2026-30961 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...

EUVD-2024-52529

Malicious code in bioql PyPI...

EUVD-2021-27700

Malicious code in bioql PyPI...

EUVD-2024-34053

Malicious code in bioql PyPI...

CVE-2024-54409

Cross-Site Request Forgery CSRF vulnerability in fzmaster XPD Reduce Image Filesize xpd-reduce-image-filesize allows Stored XSS.This issue affects XPD Reduce Image Filesize: from n/a through = 1.0...

CVE-2024-11316

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

CVE-2024-54409

Cross-Site Request Forgery CSRF vulnerability in fzmaster XPD Reduce Image Filesize xpd-reduce-image-filesize allows Stored XSS.This issue affects XPD Reduce Image Filesize: from n/a through = 1.0...

CVE-2024-54409 WordPress XPD Reduce Image Filesize plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in fzmaster XPD Reduce Image Filesize xpd-reduce-image-filesize allows Stored XSS.This issue affects XPD Reduce Image Filesize: from n/a through = 1.0...

CVE-2024-54409 WordPress XPD Reduce Image Filesize plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in fzmaster @ XPD XPD Reduce Image Filesize allows Stored XSS.This issue affects XPD Reduce Image Filesize: from n/a through 1.0...

CVE-2024-54409

CVE-2024-54409 is a CSRF vulnerability in the WordPress plugin XPD Reduce Image Filesize (also noted as XPD XPD Reduce Image Filesize) that enables a Stored XSS when exploited. The initial record lists affected versions as from n/a through 1.0, with a CVSSv3.1 base score of 7.1 (HIGH) , attack ve...

WordPress plugin XPD Reduce Image Filesize 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2024-36296 · Unknown · Xpd Reduce Image Filesize

Name of the Vulnerable Software and Affected Versions: XPD Reduce Image Filesize versions n/a through 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a we...

WordPress XPD Reduce Image Filesize plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin XPD Reduce Image Filesize versions = 1.0...

CVE-2024-11316 Filesize Check

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

CVE-2024-11316 Filesize Check

Fileszie Check vulnerabilities allow a malicious user to bypass size limits or overload to the product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

DEBIAN-CVE-2021-40524

In Pure-FTPd before 1.0.50, an incorrect maxfilesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. Versions 1.0.2...

UBUNTU-CVE-2021-40524

In Pure-FTPd before 1.0.50, an incorrect maxfilesize quota mechanism in the server allows attackers to upload files of unbounded size, which may lead to denial of service or a server hang. This occurs because a certain greater-than-zero test does not anticipate an initial -1 value. Versions 1.0.2...

AnonX - An Encrypted File Transfer Via AES-256-CBC

An Encrypted File transfer via AES-256-CBC AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password ...

openSUSE Security Update : libzypp / zypper (openSUSE-2019-685)

This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp : - Update to...