8 matches found
Astra Linux - уязвимость в docker-registry
A flaw was discovered in the /v2/catalog endpoint located in the distribution/distribution directory. This endpoint accepts a parameter that controls the maximum number of records to be returned query string: n. This vulnerability allows a malicious user to submit an excessively large value for n...
vLLM: Unauthenticated OOM Denial of Service via Unbounded `n` Parameter in OpenAI API Server
Summary A Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionRequest Pydantic models, an unauthenticated attacker can send a single HTTP request with an...
Code-Projects Police Station Management System 安全漏洞
Code-Projects Police Station Management System is an open source police station management system from Code-Projects. A security vulnerability exists in Code-Projects Police Station Management System version 1.0, which is caused by a buffer overflow due to incorrect manipulation of parameter N in...
Code-Projects Job Recruitment 注入漏洞
Code-Projects Job Recruitment is an open source job portal from Code-Projects. An injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which stems from a manipulation of the parameter n that can lead to SQL injection...
Code-Projects Job Recruitment 注入漏洞
Code-Projects Job Recruitment is an open source job portal from Code-Projects. An injection vulnerability exists in Code-Projects Job Recruitment version 1.0, which stems from the fact that incorrect manipulation of the parameter n can lead to SQL injection...
UBUNTU-CVE-2023-2253
A flaw was found in the /v2/catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned query string: n. This vulnerability allows a malicious user to submit an unreasonably large value for n, causing the allocation of a massive strin...
CVE-2021-45822
A cross-site scripting vulnerability is present in Xbtit 3.1. The stored XSS vulnerability occurs because /ajaxchat/sendChatData.php does not properly validate the value of the "n" POST parameter. Through this vulnerability, an attacker is capable to execute malicious JavaScript code...
Xbtit 跨站脚本漏洞
Xbtit is a tracker software. A cross-site scripting vulnerability exists in Xbtit version 3.1. The vulnerability occurs when /ajaxchat/sendChatData.php fails to properly validate the value of the "n" POST parameter. An attacker could exploit this vulnerability to execute malicious JavaScript code...