Lucene search
K

479 matches found

Snyk
Snyk
added 2026/03/24 9:46 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the checkBytesLimits,...

7.5CVSS6.3AI score0.00532EPSS
Exploits0References2
OSV
OSV
added 2026/03/16 2:19 p.m.5 views

UBUNTU-CVE-2026-4174

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.5 views

PT-2026-25747

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios...

1.8CVSS5.8AI score0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/15 10:32 a.m.7 views

CVE-2026-4174 Radare2 Mach-O File mach0.c walk_exports_trie resource consumption

A vulnerability has been found in Radare2 5.9.9. This issue affects the function walkexportstrie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation leads to resource consumption. The attack can only be performed from a local environment. The exploit h...

4.8CVSS5.2AI score0.00115EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/10 11:45 p.m.4 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS5.7AI score0.00638EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/09 3:30 p.m.4 views

EUVD-2025-208412

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an...

5.8AI score0.00152EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/07 12:27 a.m.5 views

SUSE CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

5.5CVSS5.8AI score0.00155EPSS
Exploits1References3
OSV
OSV
added 2026/03/06 6:16 p.m.6 views

UBUNTU-CVE-2025-69646

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...

5.5CVSS5.8AI score0.00155EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.4 views

SUSE SLED15: gnutls / libgnutls-devel / libgnutls-devel-32bit / libgnutls30 / etc (SUSE-SU-2026:0829-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0829-1 advisory. Security issue: - CVE-2025-14831: excessive resource consumption when verifying specially crafted malicio...

5.3CVSS6.8AI score0.00638EPSS
Exploits1References5
OSV
OSV
added 2026/03/03 1:18 p.m.2 views

SUSE-SU-2026:0774-1 Security update for python

This update for python fixes the following issue: - CVE-2024-7592: uncontrolled CPU resource consumption when in http.cookies module bsc1229596...

7.5CVSS5.9AI score0.02303EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/02 10:3 p.m.5 views

Inefficient Algorithmic Complexity

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity due to the inefficient decoding of ASCIIHexDecode streams. An attacker can cause excessive...

6.9CVSS6AI score0.00399EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.4 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: resource-agents (UTSA-2026-005389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005389 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data...

8.9CVSS6.1AI score0.00633EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.5 views

SUSE SLES15: erlang / erlang-debugger / erlang-debugger-src / erlang-dialyzer / etc (SUSE-SU-2026:0661-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0661-1 advisory. - CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 - CVE-2025-48038:Fixed an excessive use of...

6.9CVSS5.8AI score0.00402EPSS
Exploits0References10
OSV
OSV
added 2026/02/27 6:16 p.m.6 views

CVE-2026-21619

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS5.9AI score0.00576EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/27 5:57 p.m.6 views

EUVD-2026-9037

Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore hexapi modules, hexpm hex mixhexapi modules, erlang rebar3 r3hexapi modules allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hexapi.erl,...

2CVSS5.9AI score0.00576EPSS
Exploits0References4
OSV
OSV
added 2026/02/26 3:10 p.m.3 views

SUSE-SU-2026:0661-1 Security update for erlang

This update for erlang fixes the following issues: - CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 - CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 - CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472...

6.9CVSS5.8AI score0.00402EPSS
Exploits0References7
Snyk
Snyk
added 2026/02/26 3:11 a.m.5 views

Regular Expression Denial of Service (ReDoS)

Overview minimatch is a minimal matching utility. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. An attacker can cause excessive resource consumption and application unresponsiveness by supplying specially crafted nested extglob patterns that trigg...

8.7CVSS5.9AI score0.00472EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/02/24 12:6 p.m.4 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS5.7AI score0.00643EPSS
Exploits1References8
SUSE Linux
SUSE Linux
added 2026/02/24 11:19 a.m.7 views

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...

8.2CVSS5.5AI score0.00755EPSS
Exploits3References34
Snyk
Snyk
added 2026/02/24 1:43 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS6AI score0.00501EPSS
Exploits0References2
Rows per page
Query Builder