227 matches found
CVE-2025-48039 Unverified Paths can Cause Excessive Use of System Resources
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...
CVE-2025-48039
CVE-2025-48039 affects Erlang OTP ssh_sftp module (lib/ssh/src/ssh_sftpd.erl) and can cause excessive resource consumption due to unverified paths from authenticated SFTP users. Public disclosures link multiple Linux distro advisories updating Erlang (e.g., openSUSE/SUSE SUSE-SU-2026:20043-1, SUS...
CVE-2025-48038
CVE-2025-48038 affects Erlang OTP ssh (ssh_sftpd) with Allocation of Resources Without Limits or Throttling, causing excessive resource consumption. The issue is present across multiple OTP/erlang SSH versions (as detailed in the CVE entry) and is being addressed through vendor advisories and sec...
Cisco IOS XR 资源管理错误漏洞
Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a Resource Management Error vulnerability that arises from uncontrolled resource consumption by an application, which can be exploited by an attacker to...
CVE-2025-49460
Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access...
Excessive resource consumption in mime/multipart
...
Akinsoft MyRezzta 安全漏洞
Aiseesoft is a technology company specializing in software development. Akinsoft MyRezzta has a security vulnerability that stems from improper execution of behavioral workflows and uncontrolled consumption of resources, no details of the vulnerability are provided at this time...
CVE-2025-29898
An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Centra...
CVE-2025-29898
CVE-2025-29898 affects QNAP Qsync Central. Affected component: Qsync Central software. Vulnerability: uncontrolled resource consumption that enables a remote attacker who has a user account to trigger a denial-of-service (DoS). Impact per reported metrics includes high availability impact with ne...
The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to trigger a service failure.
The vulnerability of the NVIDIA Virtual GPU Manager driver relates to an uncontrolled resource consumption. Exploiting this vulnerability can allow a hacker to cause service failures...
CVE-2025-9341
Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...
tomcat: Apache Tomcat denial of service
A denial of service flaw was found in Apache Tomcat. An uncontrolled resource consumption vulnerability, where an HTTP/2 client fails to acknowledge the initial settings frame that reduces the maximum permitted concurrent streams, could result in a denial of service...
Intel Tiber Edge Platform Edge Orchestrator Denial of Service Vulnerability (CNVD-2025-19834)
Intel Tiber Edge Platform Edge Orchestrator is an edge computing platform from Intel designed to simplify the edge application development and deployment process by supporting modular tools to build and run edge applications. Intel Tiber Edge Platform Edge Orchestrator suffers from a denial of...
CVE-2025-26863
Uncontrolled resource consumption in the Linux kernel-mode driver for some IntelR 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service...
UBUNTU-CVE-2025-8916
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...
CVE-2025-53722
CVE-2025-53722 affects Windows Remote Desktop Services. Described as Denial-of-Service via uncontrolled resource consumption, exploitable over the network with no user interaction and no privileges required. CVSS v3.1 base score 7.5 (Network, Low attack complexity, No privileges, No user interact...
CVE-2025-26697
Uncontrolled resource consumption in the Linux kernel-mode driver for some IntelR 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service...
The vulnerability of the JPEG XL decoder in the Libjxl library, allowing attackers to trigger a service denial
The vulnerability of the JPEG XL decoder in the Libjxl library is related to an uncontrolled resource consumption due to buffer overflow on the stack. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the SecurityAgent component in macOS operating systems allows a perpetrator to trigger a service failure.
The vulnerability of the SecurityAgent component in macOS operating systems is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the MySQL Server component of the database management system involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...