CVE-2026-33375

CVE-2026-33375 concerns the Grafana MSSQL Data Source Plugin, where a logic flaw lets a low-privileged user (Viewer) bypass API restrictions and cause an Out-Of-Memory (OOM) DoS, crashing the host container. The connected records confirm the affected component (Grafana MSSQL data source plugin) a...

CVE-2025-66473

XWiki is an open-source wiki software platform. Versions 16.10.10 and below, 17.0.0-rc-1 through 17.4.3 and 17.5.0-rc-1 through 17.6.0 contain a REST API which doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of...

CVE-2025-66473 XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis

XWiki is an open-source wiki software platform. Versions 16.10.10 and below, 17.0.0-rc-1 through 17.4.3 and 17.5.0-rc-1 through 17.6.0 contain a REST API which doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of...

GHSA-CC84-Q3V3-MHGF XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis

Impact XWiki's REST API doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of pages in the wiki and the memory configuration, this can lead to slowness and unavailability of the wiki. As an example, the...

CVE-2025-63402

An issue in HCL Technologies Limited HCLTech GRAGON before v.7.6.0 allows a remote attacker to execute arbitrary code via APIs do not enforcing limits on the number or size of requests...

Serverless, Low Cost, Threat Intel Aggregation: ElasticIntel

ElasticIntel is serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch. It is an alternative to expensive threat intel aggregation platforms which ingest the same data feeds you could get for free. ElasticIntel is designed to provide a central,...

Google Touts Progress in Android Security in 2016

SAN FRANCISCO–Google has a daunting task of scanning 750 million Android devices daily for threats and checking 6 billion apps for malware each day as part of its management of 1.6 billion active Android devices. The numbers are staggering for Adrian Ludwig, director of Android Security; six year...

Adobe Reader/Acrobat Javascript API Execution Limit Bypass Vulnerability (CNVD-2015-03077)

Adobe Reader/Acrobat are popular applications for processing PDF files. A vulnerability exists in Adobe Reader/Acrobat's handling of special PDF files, which allows remote attackers to exploit the vulnerability to build malicious files and trick users into parsing them, which can bypass Javascrip...