Lucene search
K

227 matches found

Redos
Redos
added 2026/01/19 12:0 a.m.8 views

ROS-20260119-7398

A vulnerability in the soc-pcm.c component of the Linux operating system kernel is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.8AI score0.00171EPSS
Exploits0
OSV
OSV
added 2026/01/14 10:56 a.m.4 views

OPENSUSE-SU-2026:20032-1 Security update for haproxy

This update for haproxy fixes the following issues: - CVE-2025-11230: issue in the mjson JSON decoder leads to excessive resource consumption when processing numbers with large exponents bsc1250983...

7.5CVSS5.8AI score0.00479EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2585

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking subsystem related to the hns3 driver. The issue stems from inconsistent allocation sizes for hdev-htqp and kinfo-tqp when applying for...

5.3AI score0.00173EPSS
Exploits0
OSV
OSV
added 2025/12/20 11:39 a.m.3 views

BIT-KIBANA-2025-68389 Kibana Allocation of Resources Without Limits or Throttling

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 of computing resources and a denial of service DoS of the Kibana process via a crafted HTTP request...

6.5CVSS6.4AI score0.00271EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/16 4:48 a.m.4 views

EUVD-2025-203502

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS6.3AI score0.00269EPSS
Exploits0References3
OSV
OSV
added 2025/12/05 5:16 p.m.8 views

UBUNTU-CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS6.9AI score0.00633EPSS
Exploits0References10
AlpineLinux
AlpineLinux
added 2025/12/05 4:6 p.m.6 views

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

8.9CVSS7.4AI score0.00633EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/02 6:54 p.m.11 views

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

0.00459EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2025/12/02 6:54 p.m.2 views

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

6.4AI score0.00459EPSS
Exploits2References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/27 1:15 p.m.6 views

Security Bulletin: Vulnerabilities in Eclipse affect Tivoli Netcool/OMNIbus. (CVE-2024-13009, CVE-2024-47554)

Summary There are vulnerabilities in the MIB Manager application that is part of Tivoli Netcool/OMNIbus. Vulnerability Details CVEID:CVE-2024-13009 DESCRIPTION: In Eclipse Jetty versions 9.4.0 to 9.4.56 a buffer can be incorrectly released when confronted with a gzip error when inflating a reques...

7.2CVSS6.8AI score0.01241EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/11/20 7:16 p.m.4 views

CVE-2025-55128

HackerOne community member Dang Hung Vi vidang04 has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service...

6.5CVSS5.8AI score0.00353EPSS
Exploits1References1
NVD
NVD
added 2025/11/20 7:16 p.m.6 views

CVE-2025-55128

HackerOne community member Dang Hung Vi vidang04 has reported an uncontrolled resource consumption vulnerability in the “userlog-index.php”. An attacker with access to the admin interface could request an arbitrarily large number of items per page, potentially leading to a denial of service...

6.5CVSS0.00353EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/11 4:50 p.m.4 views

CVE-2025-27249

Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occu...

6.8CVSS5.8AI score0.00122EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/31 7:46 p.m.4 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle [CVE-2025-9341, CVE-2025-9340]

Summary IBM Watson Speech Services Cartridge is vulnerable to an uncontrolled resource consumption and out of bounds write in Bouncy Castle, due to issues in AESNativeCBC.Java and AESNativeCBC.Java which allow excessive allocation CVE-2025-9341 and issues in jcajce/provider/BaseCipher...

5.9CVSS6.9AI score0.00154EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.4 views

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Uncontrolled Resource Consumption (CVE-2024-47710)

sockmap: vulnerability result of adding a condresched in sockhashfree to prevent CPU soft lockups when destroying maps with a large number of buckets. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

5.5CVSS7AI score0.00231EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24390

Malicious code in bioql PyPI...

4.8CVSS6.5AI score0.00123EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27507

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-48906

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00412EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-25940

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00586EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.5 views

QNAP Qsync Central 安全漏洞

QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an uncontrolled resource consumption vulnerability that can be exploited by attackers to cause a denial of service...

6.5CVSS6.6AI score0.00387EPSS
Exploits0References1
Rows per page
Query Builder