EUVD-2024-55542

Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...

CVE-2024-33618

Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...

CVE-2024-33618

CVE-2024-33618 affects Bosch VMS Central Server (Bosch VMS 12.0.1). The issue is uncontrolled resource consumption that can cause excessive disk-space usage over the network interface. The provided documents do not specify the root cause details, vulnerable component version ranges beyond 12.0.1,...

CVE-2024-33618

Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...

Bosch VMS Central Server 安全漏洞

Bosch VMS Central Server is a core server component of the video management system developed by the German company Bosch. Version 12.0.1 of Bosch VMS Central Server contains a security vulnerability. This vulnerability stems from uncontrolled consumption of network interface resources, which coul...

CVE-2022-50890

Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the...

Owlfiles 跨站脚本漏洞

Owlfiles is a file manager from Owlfiles, Inc. A cross-site scripting vulnerability exists in Owlfiles version 12.0.1, which stems from a cross-site scripting vulnerability in the path parameter in the HTTP server endpoint that could lead to the execution of arbitrary JavaScript...

CVE-2024-31895

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176...

CVE-2019-1010283

Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier is affected by: CWE-213: Intentional Information Exposure. The impact is: Loss of Confidentiality. The component is: function dataonconnection in src/callback.c. The attack vector is: network connectivity. The fixed...

CVE-2025-30225

Directus is a real-time API and App dashboard for managing SQL database content. The @directus/storage-driver-s3 package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a...

CVE-2025-30225 Directus's S3 assets become unavailable after a burst of malformed transformations

Directus is a real-time API and App dashboard for managing SQL database content. The @directus/storage-driver-s3 package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a...

CVE-2025-30225 Directus's S3 assets become unavailable after a burst of malformed transformations

Directus is a real-time API and App dashboard for managing SQL database content. The @directus/storage-driver-s3 package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a...

Hitachi Energy RTU500 Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Hitachi Energy Equipment : RTU500 Series Vulnerabilities : Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow the...

CVE-2023-40167 Jetty accepts "+" prefixed value in Content-Length

Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character proceeding the content-length value in a HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Monterey versions prior to 12.0.1, which stems from faulty code logic. The vulnerability can be exploited by an attacker to access a local user's Apple ID...

CVE-2022-28841

Adobe Bridge version 12.0.1 and earlier versions is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-28844

Adobe Bridge version 12.0.1 and earlier versions is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-28846

Adobe Bridge version 12.0.1 and earlier versions is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-28847

Adobe Bridge version 12.0.1 and earlier versions is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2022-28843

Adobe Bridge version 12.0.1 and earlier versions is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...