Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. An attacker can exploit t
A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability affects the function handleRequest of the file src/main/java/com/shishuo/cms/action/manage/ManageUpLoadA
A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function upload_file_controller of the file /backend/app/api/v1/module_system/params/controller.py of the compo
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to
CVE-2025-28168
CRITICAL CVSS 9.8
Find Similar
The Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extension and size validations are enforced solely on the client side
CVE-2023-7305
CRITICAL CVSS 9.2
Find Similar
SmartBI V8, V9, and V10 contain an unrestricted file upload vulnerability via the RMIServlet request handling logic. Under certain configurations or usage patterns, attackers can send specially crafte
A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Denial of Service (DoS) via uploading an excessive number of files.
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function upload_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component Sc
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
Rate limiting for certain API calls is not being enforced, making HCL Velocity vulnerable to Denial of Service (DoS) attacks. An attacker could flood the system with a large number of requests, overw
A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function user_avatar_upload_controller of the file /backend/app/api/v1/module_system/user/controller.py of the component Sched
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administration
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to
Page 1+ Next →