Lucene search
K

144 matches found

CVE
CVE
added 2026/05/07 1:13 p.m.14 views

CVE-2025-14341

DivvyDrive Information Technologies’ DivvyDrive contains a vulnerability (CVE-2025-14341) due to improperly controlled modification of dynamically-determined object attributes, causing Excessive Allocation/Resource Flooding. Affected versions are 4.8.2.19 prior to 4.8.3.2. The issue has NETWORK a...

8.3CVSS5.8AI score0.00221EPSS
Exploits0References1
OSV
OSV
added 2026/05/07 8:53 a.m.12 views

BIT-THRIFT-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

7.5CVSS5.8AI score0.00665EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.11 views

PT-2026-38433

Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...

8.3CVSS5.8AI score0.00221EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/22 1:47 p.m.5 views

CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5CVSS5.3AI score0.00371EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32406

Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/19 6:31 p.m.4 views

EUVD-2026-13139

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/19 6:31 p.m.9 views

Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 5:14 p.m.3 views

CVE-2026-26940 Improper Validation of Specified Quantity in Input in Kibana Leading to Denial of Service

Improper Validation of Specified Quantity in Input CWE-1284 in the Timelion visualization plugin in Kibana can lead Denial of Service via Excessive Allocation CAPEC-130. The vulnerability allows an authenticated user to send a specially crafted Timelion expression that overwrites internal series...

6.5CVSS5.8AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 5:5 p.m.21 views

CVE-2026-26931

CVE-2026-26931 affects Metricbeat’s Prometheus remote_write HTTP handler. The issue is a memory allocation with an excessive size value, leading to Denial of Service. Public references (OSV/GHSA/Nessus) describe Metricbeat (8.0.x–8.19.12/9.0.x–9.2.4 ranges) as affected and indicate remediation by...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/19 5:5 p.m.2 views

CVE-2026-26931

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/03/17 8:51 p.m.1 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the drflacreadanddecodemetadata function. An attacker can cause excessive memory allocation by supplying crafted FLAC streams with maliciously controlled mimeLength and descriptionLength...

6.9CVSS5.9AI score0.00183EPSS
Exploits1References2
NVD
NVD
added 2026/02/27 6:16 p.m.6 views

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

7.5CVSS0.00576EPSS
Exploits0References6
OSV
OSV
added 2026/02/27 6:16 p.m.3 views

UBUNTU-CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

7.5CVSS5.8AI score0.00576EPSS
Exploits0References2
OSV
OSV
added 2026/02/27 5:57 p.m.6 views

CVE-2026-21619 Unsafe Deserialization of Erlang Terms in hex_core

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS5.9AI score0.00576EPSS
Exploits0References13
EUVD
EUVD
added 2026/02/27 5:57 p.m.6 views

EUVD-2026-9037

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS5.9AI score0.00576EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/02/27 5:57 p.m.2 views

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

7.5CVSS5.8AI score0.00576EPSS
Exploits0References6
Snyk
Snyk
added 2026/02/24 8:57 p.m.3 views

Memory Allocation with Excessive Size Value

Overview github.com/gofiber/fiber/v3 is an Express inspired web framework written in Go. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the parseAndClearFlashMessages function. An attacker can cause excessive memory allocation by sending a...

8.7CVSS6AI score0.00396EPSS
Exploits1References2
OSV
OSV
added 2026/01/16 8:42 a.m.3 views

BIT-KIBANA-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an attacker to have authenticated access with view-level privileges sufficient to execute connector...

6.5CVSS6.8AI score0.0037EPSS
Exploits0References2
OSV
OSV
added 2026/01/16 8:39 a.m.4 views

BIT-ELK-2026-0543 Improper Input Validation in Kibana Email Connector Leading to Excessive Allocation

Improper Input Validation CWE-20 in Kibana's Email Connector can allow an attacker to cause an Excessive Allocation CAPEC-130 through a specially crafted email address parameter. This requires an attacker to have authenticated access with view-level privileges sufficient to execute connector...

6.5CVSS6.8AI score0.0037EPSS
Exploits0References2
OSV
OSV
added 2026/01/16 8:39 a.m.3 views

BIT-ELK-2026-0530 Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or...

6.5CVSS6.7AI score0.00273EPSS
Exploits0References2
Rows per page
Query Builder