Lucene search
K

8454 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-41631

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

6AI score
Exploits0References4
CVE
CVE
added yesterday5 views

CVE-2026-26307

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources. Affected: Gitea core before 1.25.5; component: git grep handling. Root cause: missing/absent timeout for git grep operations. Impact: potential resource exhaustion ...

6AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-26307

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources...

6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-9563

A flaw was found in Eclipse Parsson. The JSON parser did not enforce a default maximum on the number of characters consumed while processing a single JSON document. A remote attacker could exploit this by providing a very large, specially crafted JSON document. This could force applications to...

7.5CVSS6AI score0.00366EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added yesterday5 views

CVE-2026-20216

A flaw was found in ClamAV's InstallShield file format parser. An unauthenticated, remote attacker could exploit this vulnerability by submitting a specially crafted InstallShield file for scanning. This improper handling of temporary resources during file scanning could lead to the termination o...

7.5CVSS6AI score0.00389EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago4 views

react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests

A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service DoS, causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby...

7.5CVSS7.3AI score0.02329EPSS
Exploits0References6
NVD
NVD
added 3 days ago4 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS0.00309EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-54399

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS0.0041EPSS
Exploits0References2
CVE
CVE
added 3 days ago11 views

CVE-2026-49090

CVE-2026-49090 affects Elasticsearch and is caused by Uncontrolled Resource Consumption (CWE-400) via the bulk API, where an authenticated user can submit specially crafted bulk requests that trigger sustained high CPU and can render a node unresponsive. The issue is publicly discussed in Elastic...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41095

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2...

7.5CVSS5.8AI score0.0041EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-41094

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...

7.5CVSS5.8AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-49087

The CVE-2026-49087 issue concerns Kibana: Allocation of Resources Without Limits or Throttling (CWE-770) leading to a denial of service (CAPEC-130). An authenticated user can submit a crafted bulk deletion request that inflates resource use and can render Kibana unavailable. Connected sources spe...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-49087

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41081

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-20216

CVE-2026-20216 concerns ClamAV’s InstallShield file format parser. The vulnerability arises from improper handling of temporary resources during scanning, enabling an unauthenticated, remote attacker to submit a crafted InstallShield file that can terminate the ClamAV scanning process and tempora...

7.5CVSS5.8AI score0.00389EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-20216 ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability

A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerabilit...

7.5CVSS0.00389EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago45 views

CVE-2026-56149

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...

4.9CVSS5.8AI score0.00324EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago14 views

CVE-2026-56148

CVE-2026-56148 — Elasticsearch Uncontrolled Recursion (DoS) Affected software: Elasticsearch (8.x and 9.x lines). What is vulnerable: Uncontrolled recursion in query processing that can cause excessive resource consumption, leading to denial of service on a node. Exposed to authenticated users wi...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-56148

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41065

Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...

6.5CVSS5.8AI score0.00309EPSS
Exploits0References1
Rows per page
Query Builder