21 matches found
EUVD-2024-21271
Malicious code in bioql PyPI...
CVE-2024-23824
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
CVE-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
GHSA-RMQP-MVV2-54C6 Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
CVE-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
CVE-2024-22393
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
CVE-2024-22393
The CVE-2024-22393 issue affects Apache Answer up to version 1.2.1 and enables a pixel-flood DoS by uploading large image files. A logged-in user can trigger memory exhaustion, leading to a server DoS. Remediation is to upgrade to version 1.2.5 (or later). Multiple sources (NVD, Red Hat, CNVD, Ve...
CVE-2024-22393 Apache Answer: Pixel Flood Attack by uploading the large pixel file
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
CVE-2024-22393 Apache Answer: Pixel Flood Attack by uploading the large pixel file
Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...
PT-2024-19386 · Apache · Apache Answer
Name of the Vulnerable Software and Affected Versions: Apache Answer versions through 1.2.1 Description: The issue affects Apache Answer, allowing a logged-in user to cause a Pixel Flood Attack by uploading large pixel files, which can cause the server to run out of memory. This can be done by...
CVE-2024-23824
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
Code injection
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
CVE-2024-23824 mailcow ipixel flood attack leads to Denial of Service in admin page
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
CVE-2024-23824
CVE-2024-23824 affects mailcow (dockerized email package). A pixel flood vulnerability arises when a payload is uploaded in the logo, causing the admin page to slow down and become unresponsive. Affected versions are 2023-12a and prior; a patch was released in 2024-01. Mitigation/remediation: upg...
CVE-2024-23824 mailcow ipixel flood attack leads to Denial of Service in admin page
mailcow is a dockerized email package, with multiple containers linked in one bridged network. The application is vulnerable to pixel flood attack, once the payload has been successfully uploaded in the logo the application goes slow and doesn't respond in the admin page. It is tested on the...
PT-2024-20106 · Mailcow · Mailcow
Name of the Vulnerable Software and Affected Versions: mailcow versions 2023-12a and prior Description: The application is vulnerable to a pixel flood attack. Once the payload has been successfully uploaded in the logo, the application becomes slow and unresponsive in the admin page...
CS Money: Pixel Flood Attack leads to Application level DoS
Summary: Hello Team, I had gone through your policy and I saw that DoS is out of scope but I am not sure about Application level DoS. Another reason to report this attack is that it affects real customers who want to chat with your support team. I had tested this with two accounts 1. From...
Node.js third-party modules: Pixel flood attack cause the javascript heap out of memory
I would like to report a Pixel flood attack in jimp. It allows flooding the memory and causing DoS by uploading a crafted 5kb image, and the Jimp module will try to allocate 4128062500 pixels into memory. Module module name: jimp version: An image processing library for Node written entirely...
Uber: Pixel flood attack in https://riders.uber.com/profile
Hi, It is the exact issue described here: https://hackerone.com/reports/390 Where uploading lottapixel.jpg it causes your service to time out HTTP/1.1 504 Gateway Time-out Server: nginx Date: Wed, 30 Mar 2016 02:29:22 GMT Content-Type: text/html; charset=utf-8 Content-Length: 13928 Connection:...