Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2026/04/06 10:54 p.m.2 views

PocketMine-MP: JSON decoding of unlimited size large arrays/objects in ModalFormResponse Handling

Impact The server does not meaningfully limit the size of the JSON payload in ModalFormResponsePacket. This can be abused by an attacker to waste memory and CPU on an affected server, e.g. by sending arrays with millions of elements. The player must have a full session on the server i.e. spawned ...

5.9AI score
Exploits0References4Affected Software1
OSV
OSVadded 2026/04/06 10:54 p.m.0 views

GHSA-788V-5PFP-93FF PocketMine-MP: JSON decoding of unlimited size large arrays/objects in ModalFormResponse Handling

Impact The server does not meaningfully limit the size of the JSON payload in ModalFormResponsePacket. This can be abused by an attacker to waste memory and CPU on an affected server, e.g. by sending arrays with millions of elements. The player must have a full session on the server i.e. spawned ...

7.1CVSS5.9AI score
Exploits0References4
Snyk
Snykadded 2026/04/06 10:54 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview pocketmine/pocketmine-mp is a highly customisable, open source server software for Minecraft: Bedrock Edition written in PHP Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the ModalFormResponsePacket handling process. An attack...

7.1CVSS5.9AI score
Exploits0References2
OSV
OSVadded 2023/01/10 12:41 a.m.25 views

GHSA-7M9R-RQ9J-WMMH PocketMine-MP vulnerable to denial-of-service by sending large modal form responses

Impact Due to a workaround for an old client bug which has since been fixed, very large JSON payloads in ModalFormResponsePacket were able to cause the server to spend a significant amount of time processing the packet. Large numbers of these packets were able to hog CPU time so as to prevent the...

5.3CVSS6.9AI score
Exploits0References2
OSV
OSVadded 2020/07/22 6:53 p.m.2 views

DRUPAL-CONTRIB-2020-029

The Modal form module is a toolset for quick start of using forms in modal windows. Any form is available for view and submit when the modalform module is installed. The only requirement is to know the form's fully-qualified class name...

6.7AI score
Exploits0References1
Drupal
Drupaladded 2020/07/22 12:0 a.m.56 views

Modal Form - Critical - Access bypass - SA-CONTRIB-2020-029

The Modal form module is a toolset for quick start of using forms in modal windows. Any form is available for view and submit when the modalform module is installed. The only requirement is to know the form's fully-qualified class name...

6.6AI score
Exploits0References6
Rows per page
Query Builder