5672 matches found
CVE-2026-21438
webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Closed streams were not removed from an internal session map, preventing garbage collection of their...
webtransport-go: Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule
Summary An attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WTCLOSESESSION capsule containing an excessively large Application Error Message. The implementation does not enforce the draft-mandated limit of 1024 bytes on this field, allowing ...
BIT-NGINX-INGRESS-CONTROLLER-2026-24514 ingress-nginx Admission Controller denial of service
A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...
SUSE CVE-2025-14831
A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...
webtransport-go 安全漏洞
webtransport-go is an open-source Go language library developed by quic-go. Versions of webtransport-go prior to 0.10.0 contained security vulnerabilities. These vulnerabilities stemmed from the failure to remove closed streams from the internal session mapping, which could lead to unlimited memo...
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerabilities (CVE-2026-24513, CVE-2026-1580, CVE-2026-24514, CVE-2026-24512)
Summary IBM Cloud Kubernetes Service is affected by multiple Kubernetes Ingress Controller security vulnerabilities. - A user with access to create or update Ingress objects can use the rules.http.paths.path Ingress field to inject configuration into nginx CVE-2026-24512 - The...
CVE-2025-14831
A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...
Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS
Scrapy are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occur...
GnuTLS 安全漏洞
GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS has a security vulnerability that stems from excessive CPU and memory consumption when processing specially crafted malicious certificates, whi...
SUSE CVE-2026-24514
A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...
CLEANSTART-2026-WK88787 SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption
Multiple security vulnerabilities affect the argo-workflows-fips package. SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. See references for individual vulnerability...
Denial-of-Service (DoS)
llamaindex.core is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to uncontrolled memory consumption in SimpleDirectoryReader, where all files in a directory are loaded into memory before enforcing the numfileslimit, allowing large directories to exhaust memory and degrade or cra...
Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3155 (ALAS-2026-3155)
The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3155 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program ...
Google Go Denial of Service Vulnerability (CNVD-2026-10649)
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. A denial of service vulnerability exists in Google Go, which stems from an unrestricted number of query parameters, which can be exploited by an attacker to cause excessive memory...
Amazon Linux 2023 : nerdctl (ALAS2023-2026-1400)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1400 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...
CVE-2025-1823
IBM Jazz Reporting Service could allow an authenticated user on the host network to cause a denial of service using specially crafted SQL query that consumes excess memory resources...
CVE-2025-1823
IBM Jazz Reporting Service (Lifecycle Query Engine) contains CVE-2025-1823: an authenticated user with host-network access can trigger a denial of service by sending a specially crafted SQL query that consumes excessive memory. Affected versions are IBM Jazz Reporting Service 7.1 and 7.0.3 (7.1iF...
CVE-2025-71031
Water-Melon Melon commit 9df9292 and below is vulnerable to Denial of Service. The HTTP component doesn't have any maximum length. As a result, an excessive request header could cause a denial of service by consuming RAM memory...
IBM Jazz Reporting Service 安全漏洞
The IBM Jazz Reporting Service JRS is a ready-to-use reporting component developed by the American multinational company IBM. This product includes functions such as report generation, data collection, and lifecycle queries. There is a security vulnerability in the IBM Jazz Reporting Service, whi...
Melon 安全漏洞
Melon is a C-language code library developed by Niklaus Schen. Versions of Melon prior to 9df9292 contained security vulnerabilities. These vulnerabilities stemmed from the lack of a maximum length limit in the HTTP component, which could lead to denial-of-service attacks by consuming memory...