Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/03/24 7:20 p.m.3 views

CVE-2026-33332 NiceGUI's unvalidated chunk size parameter in media routes can cause memory exhaustion

NiceGUI is a Python-based UI framework. Prior to version 3.9.0, NiceGUI's app.addmediafile and app.addmediafiles media routes accept a user-controlled query parameter that influences how files are read during streaming. The parameter is passed to the range-response implementation without...

6.9CVSS5.7AI score0.00599EPSS
Exploits0References3
OSV
OSV
added 2026/03/24 7:20 p.m.6 views

CVE-2026-33332 NiceGUI's unvalidated chunk size parameter in media routes can cause memory exhaustion

NiceGUI is a Python-based UI framework. Prior to version 3.9.0, NiceGUI's app.addmediafile and app.addmediafiles media routes accept a user-controlled query parameter that influences how files are read during streaming. The parameter is passed to the range-response implementation without...

6.9CVSS5.8AI score0.00599EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2021/12/07 12:15 a.m.4 views

CVE-2021-44684

naholyr github-todos 3.1.0 is vulnerable to command injection. The range argument for the hook subcommand is concatenated without any validation, and is directly used by the exec function...

9.8CVSS7.3AI score0.02573EPSS
Exploits1References3
OSV
OSV
added 2020/01/05 10:15 p.m.4 views

ALPINE-CVE-2019-19911

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux...

7.5CVSS6.9AI score0.02118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/01/05 12:0 a.m.12 views

PT-2020-5160 · Python Imaging Library +1 · Pillow +1

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 6.2.2 Description: The issue is caused by the FpxImagePlugin.py file calling the range function on an unvalidated 32-bit integer, which can lead to a denial of service DoS if the number of bands is large. On Windows...

9.8CVSS7.2AI score0.99856EPSS
Exploits28References170
Rows per page
Query Builder