38 matches found
EUVD-2023-58903
Malicious code in bioql PyPI...
GHSA-7XQM-7738-642X File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing
Summary: A Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on the endpoint Filebrowser-Server-IP:PORT/files/file-name. While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations...
CVE-2025-53893
CVE-2025-53893 is a DoS vulnerability in filebrowser/filebrowser 2.38.0 where the server loads entire file content into memory during reads (e.g., /files/{file-name} or /api/resources/{file-name}) without size checks, enabling an authenticated user to trigger memory exhaustion and potentially...
Race Condition
github.com/theupdateframework/go-tuf/v2 is vulnerable to Race Condition. The vulnerability is due to inconsistent tracing of delegations in the client's processing logic, which potentially leads to Denial of Service...
CVE-2024-3114
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, where the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server...
CVE-2024-3114 Uncontrolled Resource Consumption in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, where the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server...
GitLab 11.10 < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-3114)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, where the processing logic for parsing invalid commit...
GitLab 16.9 < 16.9.7 / 16.10 < 16.10.5 / 16.11 < 16.11.2 (CVE-2023-6682)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. A problem with t...
Improper Input Validation
Emacs is vulnerable to Improper Input Validation. The vulnerability is due to a flaw in the processing logic of Emacs Org mode, which allows attackers to potentially exploit trust assumptions in Emacs Org mode, as it incorrectly treats the contents of remote files as trusted without appropriate...
Huawei HarmonyOS processing logic error vulnerability
Huawei HarmonyOS is an operating system from Huawei, China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS is vulnerable to a processing logic error that could be exploited by an attacker to cause a WLAN denial of service...
YetiForceCrm processing logic error vulnerability
YetiForceCrm is an open source CRM system from the Polish company YetiForce. YetiForceCrm suffers from a processing logic error vulnerability, which stems from YetiForceCrm being vulnerable to business logic errors. No detailed vulnerability details are currently available...
YetiForceCrm input validation error vulnerability
YetiForceCrm is an open source CRM system from the Polish company YetiForce. A processing logic error vulnerability exists in YetiForceCrm that stems from YetiForceCrm's susceptibility to business logic errors...
YetiForceCrm input validation error vulnerability
YetiForceCrm is an open source CRM system from the Polish company YetiForce. YetiForceCrm suffers from a processing logic error vulnerability, which stems from YetiForceCrm being vulnerable to business logic errors. No detailed vulnerability details are currently available...
Apple macOS processing logic error vulnerability
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. Apple macOS suffers from a Processing Logic Error vulnerability, which arises from the fact that an attacker with a privileged network position may be able to bypass HSTS...
Waimai Super Cms processing logic error vulnerability
Waimai Super Cms is a takeout ordering system. A processing logic error vulnerability exists in Waimai Super Cms that stems from an improper implementation of the processing logic for the product index.php?m=gift&a=addsave link. The vulnerability can be exploited to modify the data captured in a...
PostgreSQL processing logic error vulnerability
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A Processing Logic Error vulnerability exists in PostgreSQL, which stems from ...
Qualcomm chip processing logic error vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a processing logic error vulnerability that stems from a...
Huawei HarmonyOS processing logic error vulnerability
Huawei HarmonyOS is an operating system from Huawei, China. It provides a full-scenario distributed operating system based on a microkernel. A Processing Logic Error vulnerability exists in Huawei HarmonyOS, which arises from improper implementation of processing logic or incomplete branch coverag...
Huawei HarmonyOS processing logic error vulnerability
Huawei HarmonyOS is an operating system from Huawei, China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS is vulnerable to a processing logic error that could be exploited by an attacker to cause a WLAN denial of service...
Git processing logic error vulnerability
Git is a free, open source distributed version control system. Git suffers from a Processing Logic Error vulnerability that stems from the fact that git_connect_git in connect.c in Git prior to version 2.30.1 allows repository paths to contain line breaks, which can lead to unexpected cross-protoco...