227 matches found
ROS-20260119-7398
A vulnerability in the soc-pcm.c component of the Linux operating system kernel is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
OPENSUSE-SU-2026:20032-1 Security update for haproxy
This update for haproxy fixes the following issues: - CVE-2025-11230: issue in the mjson JSON decoder leads to excessive resource consumption when processing numbers with large exponents bsc1250983...
PT-2026-2585
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking subsystem related to the hns3 driver. The issue stems from inconsistent allocation sizes for hdev-htqp and kinfo-tqp when applying for...
BIT-KIBANA-2025-68389 Kibana Allocation of Resources Without Limits or Throttling
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 of computing resources and a denial of service DoS of the Kibana process via a crafted HTTP request...
EUVD-2025-203502
CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...
UBUNTU-CVE-2025-66471
urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...
CVE-2025-66471
urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...
Security Bulletin: Vulnerabilities in Eclipse affect Tivoli Netcool/OMNIbus. (CVE-2024-13009, CVE-2024-47554)
Summary There are vulnerabilities in the MIB Manager application that is part of Tivoli Netcool/OMNIbus. Vulnerability Details CVEID:CVE-2024-13009 DESCRIPTION: In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a reques...
CVE-2025-55128
HackerOne community member Dang Hung Vi vidang04 has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service...
CVE-2025-55128
HackerOne community member Dang Hung Vi vidang04 has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service...
CVE-2025-27249
Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occu...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle [CVE-2025-9341, CVE-2025-9340]
Summary IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle, due to issues in AESNativeCBC.Java and AESNativeCBC.Java which allow excessive allocation CVE-2025-9341 and issues in jcajce/provider/BaseCipher...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Uncontrolled Resource Consumption (CVE-2024-47710)
sockmap: vulnerability result of adding a condresched in sockhashfree to prevent CPU soft lockups when destroying maps with a large number of buckets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
EUVD-2025-24390
Malicious code in bioql PyPI...
EUVD-2025-27507
Malicious code in bioql PyPI...
EUVD-2024-48906
Malicious code in bioql PyPI...
EUVD-2024-25940
Malicious code in bioql PyPI...
QNAP Qsync Central 安全漏洞
QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an uncontrolled resource consumption vulnerability that can be exploited by attackers to cause a denial of service...