Lucene search
K

2774 matches found

EUVD
EUVD
added yesterday5 views

EUVD-2026-39479

Trivy: Helm chart tar bomb causes OOM via unbounded io.ReadAll in parser...

6.9CVSS6.1AI score0.0025EPSS
Exploits0References5
CVE
CVE
added yesterday5 views

CVE-2026-15713

This CVE affects Libsoup’s HTTP/2 implementation. The issue is a memory leak where memory context blocks are not properly released under specific stream termination conditions (e.g., window exhaustion or explicit stream resets). A remote, unauthenticated attacker acting as a malicious network pee...

5.9CVSS6.1AI score
Exploits0References3
NVD
NVD
added 5 days ago8 views

CVE-2026-54063

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the checkSheet function in github.com/xuri/excelize/v2 uses an attacker-controlled XML attribute value directly as the length argument to makexlsxRow, row without validating it against the Exc...

7.5CVSS0.00575EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 3:26 p.m.6 views

GO-2026-5851 Sigstore Timestamp Authority has OOM due to unbounded metric label cardinality in github.com/sigstore/timestamp-authority

Sigstore Timestamp Authority has OOM due to unbounded metric label cardinality in github.com/sigstore/timestamp-authority...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/07/06 5:47 a.m.4 views

BIT-ACTIVEMQ-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.9AI score0.00707EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 5:47 a.m.5 views

BIT-ACTIVEMQ-2026-50734 Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire memory-allocation DoS during wire format negotiation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.9AI score0.00796EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 5:48 p.m.1 views

CVE-2026-47262 containerd image-triggered runtime DoS via unbounded group parsing

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.3CVSS5.9AI score0.00317EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/07/01 5:48 p.m.10 views

CVE-2026-47262

containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...

5.5CVSS5.7AI score0.00317EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40969

In the Linux kernel, the following vulnerability has been resolved: mm/damon/lrusort: handle ctx allocation failure DAMONLRUSORT allocates the damonctx object for its kdamond in its init function. damonlrusortenabledstore wrongly assumes the allocation will always succeed once tried. If the...

6.2AI score0.00166EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/07/01 4:38 a.m.9 views

CVE-2026-40989

A flaw was found in Spring Cloud Function. An attacker could send a specially crafted request that triggers infinite recursion in the routing layer. This can lead to an Out Of Memory OOM error, causing a Denial of Service DoS condition where the application becomes unresponsive...

6.5CVSS5.7AI score0.00211EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-49432

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed...

7.5CVSS6.2AI score0.00844EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/30 5:53 p.m.8 views

CVE-2026-53917

A flaw was found in Apache ActiveMQ. An authenticated user can exploit this vulnerability by sending a specially crafted OpenWire Message with an excessively large encoded size value for the message property map. This lack of size validation during unmarshaling can lead to an out-of-memory error,...

7.5CVSS5.6AI score0.00796EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 4:39 p.m.4 views

EUVD-2023-50377

RabbitMQ vulnerable to Denial of Service by publishing large messages over the HTTP API...

4.9CVSS6.2AI score0.01077EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 11:16 a.m.7 views

CVE-2026-50750

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS0.00707EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 a.m.4 views

UBUNTU-CVE-2026-49432

Improper Input Validation vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp. A remote unauthenticated peer that can reach an exposed STOMP connector can trigger denial-of-service behavior by sending a negative content-length. For the NIO STOMP transport, an attacker can...

7.5CVSS6AI score0.00844EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:53 a.m.8 views

CVE-2026-50734

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...

7.5CVSS5.7AI score0.00796EPSS
Exploits0References2Affected Software3
EUVD
EUVD
added 2026/06/30 9:51 a.m.7 views

EUVD-2026-40280

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.8AI score0.00707EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 9:51 a.m.39 views

CVE-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

0.00707EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:51 a.m.7 views

CVE-2026-50750

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

5.8AI score0.00707EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2026/06/30 9:51 a.m.4 views

CVE-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.9AI score0.00707EPSS
Exploits0References4
Rows per page
Query Builder