685 matches found
CVE-2026-56150
MODE C: CVE-2026-56150 affects Elastic Fleet Server via Allocation of Resources Without Limits or Throttling (upload endpoint memory exhaustion). Multiple connected sources describe the vulnerability in Fleet Server's internal API packages and uploader, enabling an attacker to exhaust RAM and pot...
CVE-2026-56150 Allocation of Resources Without Limits or Throttling in Fleet Server Leading to Denial of Service
Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...
OPENSUSE-SU-2026:21182-1 Security update for python-python-engineio
This update for python-python-engineio fixes the following issues: Changes in python-python-engineio: - CVE-2026-48802: remote user can cause the creation of unnecessary background threads in the server through the heartbeat mechanism and cause a DoS bsc1269544 - CVE-2026-48809: size of incoming...
CVE-2026-47317
Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...
CVE-2026-47319
Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd...
CVE-2026-47319
Memory allocation with excessive size value vulnerability in Samsung Open Source rlottie allows Excessive Allocation. This issue affects rlottie: before 0b4e308fa88c72cbb60cc8a2c1d2c2ad89b101dd...
Astra Linux – Vulnerability in libwebp
A flaw was discovered in libwebp in versions prior to 1.0.1. When reading a file, libwebp allocates an excessive amount of memory. The greatest threat posed by this vulnerability is related to service availability...
Astra Linux – Vulnerability in binutils
It has been discovered that GNU Binutils prior to version 2.40 contains a vulnerability involving excessive memory consumption, caused by the loadseparatedebugfiles function in dwarf2.c. An attacker could provide a crafted ELF file and trigger a DNS attack...
Astra Linux – Vulnerability in binutils
A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. It involves an attempt at excessive memory allocation in the bfdelfslurpversiontables function within elf.c...
CVE-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern
Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...
Milesight AIOT cameras 安全漏洞
Milesight AIOT cameras are a series of intelligent monitoring cameras developed by the Chinese company Milesight, which integrates artificial intelligence and IoT technologies. There are security vulnerabilities in Milesight AIOT cameras, and these vulnerabilities stem from excessive memory acces...
CVE-2026-33594
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
UBUNTU-CVE-2026-33812
Parsing a malicious font file can cause excessive memory allocation...
CVE-2026-33812 Excessive memory allocation when decoding malicious SFNT in golang.org/x/image
Parsing a malicious font file can cause excessive memory allocation...
EUVD-2026-24245
Parsing a malicious font file can cause excessive memory allocation...
GO-2026-4962 Excessive memory allocation when decoding malicious SFNT in golang.org/x/image
Parsing a malicious font file can cause excessive memory allocation...
OPENSUSE-SU-2026:20554-1 Security update for dovecot24
This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from unlimited memory allocation issues in remote media HTTP error handling, which could lead to excessive...