477 matches found

RedhatCVE
added 2025/02/07 6:7 p.m. · 11 views

CVE-2023-6386

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...

CVSS 6.5 | AI score 6.3 | EPSS 0.00492
Exploits: 0 | References: 4

OSV
added 2025/02/07 7:28 a.m. · 10 views

BIT-GITLAB-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...

CVSS 7.5 | AI score 5.9 | EPSS 0.00492
Exploits: 0 | References: 3

NVD
added 2025/02/05 10:15 a.m. · 18 views

CVE-2023-6386

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...

CVSS 7.5 | EPSS 0.00492
Exploits: 0 | References: 2

Cvelist
added 2025/02/05 9:31 a.m. · 14 views

CVE-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...

CVSS 6.5 | EPSS 0.00492
Exploits: 0 | References: 2

OSV
added 2025/02/05 9:31 a.m. · 4 views

CVE-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab

A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...

CVSS 6.5 | AI score 6.3 | EPSS 0.00492
Exploits: 0 | References: 5

BDU FSTEC
added 2025/01/28 12:0 a.m. · 6 views

The vulnerability of the cppc_cpufreq_cpu_init component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the cppc_cpufreq_cpu_init component in the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 8.4 | AI score 6.2 | EPSS 0.00258
Exploits: 0 | References: 10 | Affected Software: 3

CNNVD
added 2024/12/17 12:0 a.m. · 3 views

Apache Tomcat Security Vulnerability

Apache Tomcat is a lightweight web application server from the Apache Foundation (United States), used to implement Servlet and JavaServer Pages (JSP) support. Apache Tomcat has a resource management vulnerability that stems from uncontrolled resource consumption, which...

CVSS 5.3 | AI score 6.6 | EPSS 0.01914
Exploits: 0 | References: 7

BDU FSTEC
added 2024/12/16 12:0 a.m. · 5 views

The vulnerability of Ollama’s system for running and managing large language models, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of Ollama’s system for running and managing large language models is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 7.8 | AI score 8.1 | EPSS 0.02683
Exploits: 1 | References: 5 | Affected Software: 1

RedhatCVE
added 2024/12/12 8:40 a.m. · 15 views

CVE-2024-12401

A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that cert-manager reads, for example in a Secret resource, to use large amounts of CPU in the cert-manager controller pod, effectively creating a denial-of-service (DoS) vector for the cert-manag...

CVSS 4.4 | AI score 6.6 | EPSS 0.00633
Exploits: 0 | References: 9

OSV
added 2024/11/19 8:15 p.m. · 3 views

CVE-2024-45420

Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access...

CVSS 6.5 | AI score 5.8 | EPSS 0.00448
Exploits: 0 | References: 1

NVD
added 2024/11/13 4:15 p.m. · 32 views

CVE-2024-8049

In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing and excessive use of computing resources, leaving the application process unavailable...

CVSS 6.5 | EPSS 0.00412
Exploits: 0 | References: 1

Snyk
added 2024/11/08 9:44 p.m. · 2 views

Denial of Service (DoS)

Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) through the improper handling of specific input types. An attacker can cause the application to crash by sending specially crafted input. Details: Denial of Service (DoS) describes a family of attacks, all aimed at...

CVSS 8.7 | AI score 7 | EPSS 0.00441
Exploits: 1 | References: 2

RedHat Linux
added 2024/11/04 8:13 p.m. · 5 views

nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability...

CVSS 7.5 | AI score 6.8 | EPSS 0.00814
Exploits: 0 | References: 4

Positive Technologies
added 2024/10/31 12:0 a.m. · 5 views

PT-2024-16396 · Tongda Oa · Tongda Oa

Name of the Vulnerable Software and Affected Versions: Tongda OA 2017 up to 11.7. Description: A problematic issue has been found in Tongda OA, affecting some unknown processing of the file /inc/package static resources.php. This leads to resource consumption and can be initiated remotely. The iss...

CVSS 7.5 | AI score 5.6 | EPSS 0.00942
Exploits: 1 | References: 12

CNNVD
added 2024/10/29 12:0 a.m. · 5 views

ChuanhuChatGPT Resource Management Error Vulnerability

ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A resource management error vulnerability exists in ChuanhuChatGPT version 20240628, which stems from uncontrolled resource consumption that...

CVSS 7.5 | AI score 6.6 | EPSS 0.00604
Exploits: 1 | References: 2

BDU FSTEC
added 2024/10/28 12:0 a.m. · 7 views

The vulnerability of the Core module of the Indeed Privileged Access Manager allows a perpetrator to trigger a service failure.

The vulnerability of the Core module of the Indeed Privileged Access Manager software lies in its uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 6.5 | AI score 5.5
Exploits: 0 | Affected Software: 1

OSV
added 2024/09/27 1:30 a.m. · 8 views

MGASA-2024-0317 Updated python3 packages fix security vulnerabilities

A defect was discovered in the Python "ssl" module where there is a memory race condition with the ssl.SSLContext methods "cert_store_stats()" and "get_ca_certs()". The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...

CVSS 8.7 | AI score 6.7 | EPSS 0.02507
Exploits: 4 | References: 9

Positive Technologies
added 2024/09/25 12:0 a.m. · 9 views

PT-2024-7142 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S7; Junos OS versions 22.2 prior to 22.2R3-S4; Junos OS versions 22.3 prior to 22.3R3-S3; Junos OS versions 22.4 prior to 22.4R3-S2; Junos OS versions 23.2 prior to 23.2R2-S1; Junos OS versions 23.4 prior to...

CVSS 8.7 | AI score 7.3 | EPSS 0.00575
Exploits: 0 | References: 7

OSV
added 2024/08/26 6:15 a.m. · 3 views

UBUNTU-CVE-2024-41996

Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource...

CVSS 7.5 | AI score 6.8 | EPSS 0.01083
Exploits: 0 | References: 6

Positive Technologies
added 2024/08/25 12:0 a.m. · 6 views

PT-2024-29681

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.x through 1.1.1; OpenSSL versions 3.x through 3.0.5; OpenSSL versions prior to 17.0.5. Description: Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allow...

CVSS 7.8 | AI score 6.5 | EPSS 0.01083
Exploits: 0 | References: 78