12 matches found
GitLab 18.9 < 18.9.1 (CVE-2026-1725)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab reports: Cross-site Scripting issue in Mermaid sandbox impacts GitLab CE/EE; Denial of Service issue in container registry impacts GitLab CE/EE; Denial of Service issue in Jira events endpoint...
Software ARIS security vulnerability
Software ARIS is a business process analysis tool from Software, Germany. A security vulnerability exists in Software ARIS 10.0.23.0.3587512 and prior versions, which stems from a lack of rate limiting in the file upload functionality and could lead to resource exhaustion...
EUVD-2023-33503
Malicious code in bioql PyPI...
EUVD-2024-3424
Malicious code in bioql PyPI...
EUVD-2022-5592
Malicious code in bioql PyPI...
CVE-2023-45371
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items...
CVE-2023-27152
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...
CVE-2020-27423
Anuko Time Tracker v1.19.23.5311 lacks a rate limit on the password reset module, which allows an attacker to perform a Denial of Service attack on any legitimate user's mailbox...
Linux Distros Unpatched Vulnerability : CVE-2024-37302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce...
CVE-2024-37302 Synapse denial of service through media disk space consumption
Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce Synapse to download and cache large amounts of remote media. The default rate limit strategy is insufficient to mitigate this. This can le...
Nextcloud: Missing brute force protection for passwords of password protected share links
A missing brute force protection vulnerability was found in the password protection feature of shared files, allowing an attacker to bypass the password protection of the shared files due to the lack of rate limit. This could lead to unauthorized access to protected files...
ircd-hybrid.txt
Name: ircd-hybrid-7/ircd-ratbox low-bandwidth DoS; Date: June 14th 2004; Author: Erik Sperling Johansen; Severity: Medium. This has been tested on most of the ircd versions currently used on EFNet. Other ircds may be affected. Affected: ircd-hybrid =1.5.2 ircd-ratbox =2.0rc7 ircd-hybrid 6 csircd...