Lucene search
K

6168 matches found

Redos
Redos
added 6 days ago4 views

ROS-20260708-73-0048

The vulnerability in dovecot is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.5CVSS6AI score0.00454EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added last week12 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...

7.5CVSS6AI score0.0046EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:38 a.m.7 views

CVE-2026-24012

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.8 views

PT-2026-55599

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not enforce a timeout on git grep searches, which can allow expensive search operations to consume excessive server resources. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00466EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/07/02 10:12 a.m.16 views

CVE-2026-44740

A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...

7.5CVSS6AI score0.00295EPSS
Exploits0References6
NVD
NVD
added 2026/07/01 6:16 p.m.9 views

CVE-2026-49090

Uncontrolled Resource Consumption CWE-400 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk request that causes sustained high CPU consumption, which can render the affected node unable to process request...

6.5CVSS0.00251EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/07/01 11:30 a.m.6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 5:47 p.m.4 views

Security Bulletin: IBM Integration Designer is vulnerable to multiple CVEs

Summary Multiple vulnerabilities are resolved: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-34268 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

7.5CVSS7.1AI score0.00702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 10:51 a.m.4 views

Security Bulletin: IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled

Summary IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled CVE-2026-9002 Vulnerability Details CVEID:CVE-2026-9002 DESCRIPTION: IBM WebSphere eXtreme Scale could allow an adjacent attacker to cause a denial of service due to improper validation in th...

6.5CVSS5.8AI score0.00269EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/29 10:3 a.m.7 views

ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder

A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 9:53 p.m.14 views

EUVD-2026-31685

Hackney: ssl:connect/2 post-handshake upgrade has no timeout...

8.2CVSS5.8AI score0.00703EPSS
Exploits1References5
Redos
Redos
added 2026/06/26 12:0 a.m.6 views

ROS-20260626-73-0027

The vulnerability in ImageMagick is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.8AI score0.00495EPSS
Exploits0
Redos
Redos
added 2026/06/26 12:0 a.m.5 views

ROS-20260626-73-0006

The vulnerability related to tempo involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS5.8AI score0.00645EPSS
Exploits0
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5528 Grafana Tempo has an Uncontrolled Resource Consumption issue in github.com/grafana/tempo

Grafana Tempo has an Uncontrolled Resource Consumption issue in github.com/grafana/tempo. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

7.5CVSS5.8AI score0.00645EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/24 5:40 p.m.7 views

Security Bulletin: Java Updates for the April 2026 Vulnerability Advisory

Summary This interim fix addresses all applicable Java SE CVEs published by OpenJDK as part of their April 2026 Vulnerability Advisory: CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918...

8.7CVSS6AI score0.00702EPSS
Exploits1Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in libxml2

A flaw was discovered in the libxml2 library. This vulnerability arises from uncontrolled resource consumption when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this vulnerability by providing malicious catalogs,...

2.9CVSS5.8AI score0.00308EPSS
Exploits1References3
Veracode
Veracode
added 2026/06/23 10:21 a.m.7 views

Uncontrolled Resource Consumption

pypdf is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to inefficient processing of PDF streams using the /FlateDecode filter with a PNG predictor, where specially crafted PDF content can trigger excessive computation during stream decoding, allowing attackers to cause...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/22 8:56 p.m.8 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS6.8AI score0.00633EPSS
Exploits0References6
OSV
OSV
added 2026/06/22 5:39 a.m.3 views

BIT-DOTNET-2026-45591 ASP.NET Core Denial of Service Vulnerability

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References22
OSV
OSV
added 2026/06/22 5:39 a.m.3 views

BIT-DOTNET-SDK-2026-45591 ASP.NET Core Denial of Service Vulnerability

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References22
Rows per page
Query Builder