Lucene search
K

1690 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago10 views

Kibana 8.x < 8.19.15 / 9.x < 9.3.4 DoS (ESA-2026-49)

The version of Kibana installed on the remote host is 8.x prior to 8.19.15 or 9.x prior to 9.3.4. It is, therefore, affected by a denial of service vulnerability: - Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service. An authenticated user can...

6.5CVSS6.1AI score0.00251EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-31984

A denial-of-service vulnerability caused by unbounded resource allocation was discovered in the audit logging functionality, due to a missing size limit on input recorded into audit entries. An unauthenticated attacker can submit requests containing excessively large input that is recorded into...

8.7CVSS0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 11:16 a.m.9 views

CVE-2026-56810

Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...

8.7CVSS0.00344EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/07/06 10:9 a.m.16 views

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

7.5CVSS6.3AI score0.00808EPSS
Exploits8Affected Software1
OSV
OSV
added 2026/07/06 5:48 a.m.3 views

BIT-ELASTICSEARCH-2026-56149 Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.9AI score0.00324EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/01 6:18 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview github.com/elastic/fleet-server/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 5:16 p.m.9 views

CVE-2026-56150

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

7.5CVSS0.00312EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 5:16 p.m.7 views

CVE-2026-49087

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS0.00251EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 4:35 p.m.8 views

EUVD-2026-41088

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 4:35 p.m.33 views

CVE-2026-49087 Allocation of Resources Without Limits or Throttling in Kibana Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS0.00251EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 4:26 p.m.31 views

CVE-2026-56150 Allocation of Resources Without Limits or Throttling in Fleet Server Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

6.5CVSS0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 4:26 p.m.8 views

EUVD-2026-41077

Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 4:21 p.m.8 views

EUVD-2026-41072

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.8AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 7:16 a.m.13 views

CVE-2026-12818

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...

9.3CVSS0.00253EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 6:24 a.m.7 views

EUVD-2026-40257

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...

9.3CVSS5.8AI score0.0031EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 6:24 a.m.31 views

CVE-2026-12818

Delta Electronics DVP12SE PLCs are affected by a resource allocation vulnerability (CWE-770) in the Modbus TCP service. The issue entails unbounded resource usage due to lack of limits or throttling. CVSS data from the NVD indicates a CRITICAL severity with network attack vector, no privileges, a...

9.3CVSS5.8AI score0.00253EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Networks: hns3 – The use of numtqps in the vf driver to allocate resources. Currently, hdev-htqp is allocated using hdev-numtqps, and kinfo-tqp is allocated using kinfo-numtqps. However, kinfo-numtqps is set to minnewtqps,...

5.8AI score0.00173EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/23 7:50 p.m.4 views

Security Bulletin: IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries.

Summary IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries. Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote us...

9.8CVSS7.5AI score0.01125EPSS
Exploits7Affected Software1
NVD
NVD
added 2026/06/22 2:16 p.m.10 views

CVE-2024-54178

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...

6.5CVSS0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 1:15 p.m.3 views

CVE-2024-54178

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder