EUVD-2019-20029

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function ...

CVE-2026-30961 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...

CVE-2025-53891 TIME LINE has Improper File Validation in Upload Section

The timelineofficial/Time-Line- repository contains the source code for the TIME LINE website. A vulnerability was found in the TIME LINE website where uploaded files instruction/message media are not strictly validated for type and size. A user may upload renamed or oversized files that can...

CVE-2022-2406

The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API...

CVE-2018-15396

A vulnerability in the Bulk Administration Tool BAT for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability exists because the affected software does not restrict the maximum size of...

Cisco Nexus 9000 Series NX-OS '/tmp' Directory File Resource Consumption Vulnerability

Cisco Nexus is a data center-class switch from Cisco. A security vulnerability exists in the Cisco Nexus 9000 Series NX-OS that allows an authenticated user to copy oversized files to the '/tmp' directory, and an error occurs in the processing of the files, which can consume a large amount of...