Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 4:45 a.m.11 views

CVE-2023-22740

Discourse is an open source platform for community discussion. Versions prior to 3.1.0.beta1 beta tests-passed are vulnerable to Allocation of Resources Without Limits. Users can create chat drafts of an unlimited length, which can cause a denial of service by generating an excessive load on the...

6.5CVSS6.7AI score0.00683EPSS
Exploits0References1
osv
osv
added 2023/01/14 3:30 p.m.24 views

GHSA-RC42-JGHF-VR8F Integer overflow in publify_core

Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10 due to an unlimited length user name field...

9.8CVSS8.5AI score0.30778EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2022/11/28 12:0 a.m.5 views

PT-2022-26151 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 2.9.0.beta13 Description: Discourse is an open-source discussion platform. The issue allows users to post chat messages of an unlimited length, which can cause a denial of service for other users when huge amounts ...

4.3CVSS4.5AI score0.00503EPSS
Exploits0References8
nvd
nvd
added 2020/08/13 1:15 p.m.25 views

CVE-2019-16374

Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...

9.8CVSS9.6AI score0.01876EPSS
Exploits0References2
prion
prion
added 2020/08/13 1:15 p.m.23 views

Improper access control

Pega Platform 8.2.1 allows LDAP injection because a username can contain a character and can be of unlimited length. An attacker can specify four characters of a username, followed by the character, to bypass access control...

7.5CVSS9.5AI score0.01876EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder