20 matches found
CVE-2026-28237
AMD uProf exposes an issue described as unrestricted resource allocation that can be exploited to exhaust system resources, potentially impacting availability. The reports identify the affected component as AMD uProf, with local attack vector and low attack complexity, resulting in high impact on...
CVE-2026-28237
Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability...
CVE-2024-42291
In the Linux kernel, the following vulnerability has been resolved: ice: Add a per-VF limit on number of FDIR filters While the iavf driver adds a s/w limit 128 on the number of FDIR filters that the VF can request, a malicious VF driver can request more than that and exhaust the resources for...
RHEL 6 : openstack-nova (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openstack-nova/glance/cinder: Malicious image may exhaust resources CVE-2015-5162 - Rejected reason: DO N...
BIT-GITLAB-2021-22181
A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources...
BIT-GITLAB-2021-39939
An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker triggering a job with a specially crafted docker image to...
CVE-2024-25606
XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive...
CVE-2023-20268 Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability
A vulnerability in the packet processing functionality of Cisco access point AP software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. This vulnerability is due to insufficient management of resources when handling certain types of traffic. An...
SAP NetWeaver AS 资源管理错误漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. A resource management error vulnerability exists in SAP NetWeaver AS for ABAP Business Server Pages, which arises from uncontrolled resource...
CVE-2022-30551
OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources...
CVE-2022-20692 Cisco IOS XE Software NETCONF Over SSH Denial of Service Vulnerability
A vulnerability in the NETCONF over SSH feature of Cisco IOS XE Software could allow a low-privileged, authenticated, remote attacker to cause a denial of service condition DoS on an affected device. This vulnerability is due to insufficient resource management. An attacker could exploit this...
CVE-2021-39939
Removed by vendor...
GitLab 资源管理错误漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab where an attacker used a specially...
Business-Dna Solution GmbH TopEase Input Validation Error Vulnerability
Business-Dna Solution GmbH TopEase is a "transformation risk" solution from the Swiss company Business-Dna Solution GmbH. Business-Dna Solution GmbH TopEase is vulnerable to an input validation error that could be exploited to insert arbitrarily long strings and eventually exhaust the underlying...
CVE-2021-40114
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper memory resource manageme...
VMware Spring Security 安全漏洞
VMware Spring Security is a suite of security frameworks from VMware that provide illustrative security protections for Spring-based applications. A security vulnerability exists in Spring Security that allows an attacker to send multiple requests to initiate authorization requests granted by the...
CVE-2021-22181
A denial of service vulnerability in GitLab CE/EE affecting all versions since 11.8 allows an attacker to create a recursive pipeline relationship and exhaust resources...
HTTP/2: request for large response leads to denial of service
A vulnerability was found in HTTP/2. An attacker can open a HTTP/2 window so the peer can send without constraint. The TCP window remains closed so the peer cannot write the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the server's...
OpenStack Glance Denial of Service Vulnerability (CNVD-2015-05221)
OpenStack is a cloud platform management program developed by the National Aeronautics and Space Administration in collaboration with Rackspace, Inc. OpenStack Image Registry and Delivery Service Glance is a project that stores, queries, and retrieves virtual machine images. A denial-of-service...
Mozilla Products 'IFRAME' Denial Of Service vulnerability (Windows)
The host is installed with Mozilla Firefox/Seamonkey and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsiframedosvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products 'IFRAME' Denial Of Service vulnerability Windows Authors: Antu Sanadi...