477 matches found
CVE-2023-6386
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...
BIT-GITLAB-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...
CVE-2023-6386
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...
CVE-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...
CVE-2023-6386 Allocation of Resources Without Limits or Throttling in GitLab
A denial of service vulnerability was identified in GitLab CE/EE, affecting all versions from 15.11 prior to 16.6.7, 16.7 prior to 16.7.5 and 16.8 prior to 16.8.2 which allows an attacker to spike the GitLab instance resource usage resulting in service degradation...
The vulnerability of the cppc_cpufreq_cpu_init component in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the cppccpufreqcpuinit component in the Linux operating system is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause a service failure...
Apache Tomcat 安全漏洞
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. Apache Tomcat has a resource management issue vulnerability that stems from the presence of uncontrolled resource consumption, which...
The vulnerability of Ollama’s system for running and managing large language models, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.
The vulnerability of Ollama’s system for running and managing large language models is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service failures...
CVE-2024-12401
A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service DoS vector for the cert-manag...
CVE-2024-45420
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access...
CVE-2024-8049
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 2024.4.1106, importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS through the improper handling of specific input types. An attacker can cause the application to crash by sending specially crafted input. Details Denial of Service DoS describes a family of attacks, all aimed at...
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
A vulnerability was found in the Nimbus Jose JWT package. By crafting a JWE with an excessively large p2c value, an attacker can trigger significant resource consumption during decryption, potentially leading to application slowdown or unavailability...
PT-2024-16396 · Tongda Oa · Tongda Oa
Name of the Vulnerable Software and Affected Versions: Tongda OA 2017 up to 11.7 Description: A problematic issue has been found in Tongda OA, affecting some unknown processing of the file /inc/package static resources.php. This leads to resource consumption and can be initiated remotely. The iss...
ChuanhuChatGPT 资源管理错误漏洞
ChuanhuChatGPT is an application that provides a lightweight and easy-to-use web GUI and many additional features for a wide range of LLMs such as ChatGPT. A resource management error vulnerability exists in ChuanhuChatGPT version 20240628, which stems from uncontrolled resource consumption that...
The vulnerability of the Core module of the Indeed Privileged Access Manager allows a perpetrator to trigger a service failure.
The vulnerability of the Core module of the Indeed Privileged Access Manager software lies in its uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
MGASA-2024-0317 Updated python3 packages fix security vulnerabilities
A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...
PT-2024-7142 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S7 Junos OS versions 22.2 prior to 22.2R3-S4 Junos OS versions 22.3 prior to 22.3R3-S3 Junos OS versions 22.4 prior to 22.4R3-S2 Junos OS versions 23.2 prior to 23.2R2-S1 Junos OS versions 23.4 prior to...
UBUNTU-CVE-2024-41996
Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource...
PT-2024-29681
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.x through 1.1.1 OpenSSL versions 3.x through 3.0.5 OpenSSL versions prior to 17.0.5 Description Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allow...