6188 matches found
Security Bulletin: Vulnerabilities in IBM WebSphere Application (CVE-2026-50645, CVE-2026-9322, CVE-2026-11541, CVE-2026-4410, CVE-2026-9320, CVE-2026-8646, CVE-2026-11806, CVE-2026-9071, CVE-2026-11546, CVE-2026-5516) affects IBM PowerVM Novalink.
Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain when being deserialized by...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...
EUVD-2026-44526
CAI Content Credentials is affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue...
CVE-2026-48357
CAI Content Credentials is affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this issue...
CVE-2026-48357
Technical details about CVE-2026-48357 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-47479
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-49799
Technical details are not publicly available in the provided documents. No confirmed affected products, fixes, or exploit specifics are described here; monitor official sources for updates.
CVE-2026-49835
A flaw was found in Sigstore Timestamp Authority. An unauthenticated remote attacker can exploit this vulnerability by sending requests with arbitrary HTTP paths and methods. This leads to the creation of an excessive number of unique metric labels, causing unbounded memory growth and a denial of...
PT-2026-58845
Name of the Vulnerable Software and Affected Versions CAI Content Credentials affected versions not specified Description An uncontrolled resource consumption issue exists that could lead to an application denial-of-service. An attacker can exhaust system resources to cause the application to...
PT-2026-58666
Name of the Vulnerable Software and Affected Versions Windows DHCP Server affected versions not specified Description Uncontrolled resource consumption in the Windows DHCP Server allows an unauthorized attacker to cause a denial of service over a network, affecting the system's availability...
Progress MOVEit Transfer 2023.0.x / 2023.1.x < 2023.1.16 / 2024.0.x / 2024.1.x < 2024.1.7 / 2025.0.x < 2025.0.3 Uncontrolled Resource Consumption (October 2025)
The version of Progress MOVEit Transfer, formerly Ipswitch MOVEit DMZ, installed on the remote host is affected by an uncontrolled resource consumption vulnerability as referenced in Progress Community article 000291424. - Uncontrolled Resource Consumption vulnerability in Progress MOVEit Transfe...
ROS-20260708-73-0048
The vulnerability in dovecot is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...
CVE-2026-24012
Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...
PT-2026-55599
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not enforce a timeout on git grep searches, which can allow expensive search operations to consume excessive server resources. Recommendations Update to version 1.25.5 or later...
CVE-2026-44740
A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...
CVE-2026-49090
Uncontrolled Resource Consumption CWE-400 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk request that causes sustained high CPU consumption, which can render the affected node unable to process request...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
Security Bulletin: IBM Integration Designer is vulnerable to multiple CVEs
Summary Multiple vulnerabilities are resolved: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-34268 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Security Bulletin: IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled
Summary IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled CVE-2026-9002 Vulnerability Details CVEID:CVE-2026-9002 DESCRIPTION: IBM WebSphere eXtreme Scale could allow an adjacent attacker to cause a denial of service due to improper validation in th...
ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder
A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS...