Lucene search
K

17 matches found

EUVD
EUVD
added 2026/05/20 9:0 a.m.12 views

EUVD-2026-31079

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.8AI score0.00815EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.7 views

PT-2026-34224

Name of the Vulnerable Software and Affected Versions free5GC UDR versions prior to 1.4.3 Description A memory leak in the Policy Control Function PCF allows an unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory growth. By sending repeated HTTP...

7.5CVSS5.1AI score0.00515EPSS
Exploits1References9
Veracode
Veracode
added 2026/01/28 7:57 a.m.5 views

Denial Of Service (DoS)

Next.js is vulnerable to a Denial of Service DoS vulnerability. The vulnerability is due to unbounded request body buffering and unbounded decompression in the Partial Prerendering PPR resume endpoint, which allows an attacker to send specially crafted unauthenticated POST requests or compressed...

7.5CVSS5.9AI score0.00363EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-1829

Malware in sbrugna...

7.8CVSS7.6AI score0.01391EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.6 views

CVE-2023-43810

OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label httpmethod that has unbound cardinality. It...

7.5CVSS6.7AI score0.00685EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/10 2:14 p.m.23 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities reported in Jetty server (CVE-2024-8184, CVE-2024-6763)

Summary Multiple vulnerabilities over Eclipse Jetty is affecting IBM Sterling Control Center v6.3.1.0 and v6.4.0.0. Customers must upgrade to latest patch below to address this vulnerability. Vulnerability Details CVEID:CVE-2024-8184 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service...

6.5CVSS5.8AI score0.01037EPSS
Exploits1Affected Software1
Github Security Blog
Github Security Blog
added 2025/03/19 6:12 p.m.24 views

Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter

Summary When validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. Details The root cause comes from the ZipFileBodyDecoder, which is registere...

7.5CVSS7AI score0.00497EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2025/02/21 12:15 a.m.29 views

CVE-2025-27100

lakeFS is an open-source tool that transforms your object storage into a Git-like repository. In affected versions an authenticated user can crash lakeFS by exhausting server memory. This is an authenticated denial-of-service issue. This problem has been patched in version 1.50.0. Users on versio...

6.5CVSS0.00412EPSS
Exploits0References2
OSV
OSV
added 2024/12/28 7:15 a.m.2 views

CVE-2021-22484

Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory OOM...

7.5CVSS5.8AI score0.0028EPSS
Exploits0References1
Veracode
Veracode
added 2024/11/22 6:29 a.m.8 views

Memory Leakage

aiohttp is vulnerable to Memory Leakage. The vulnerability is due to improper handling of MatchInfoError, where each error creates a unique cache entry, allowing an attacker to exhaust server memory with numerous requests...

8.7CVSS6.5AI score0.00563EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/02/22 10:15 a.m.9 views

CVE-2024-22393

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content...

9.1CVSS6.6AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/12 9:10 a.m.5 views

JSS: memory leak in TLS connection leads to OOM

A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service...

7.5CVSS5.7AI score0.01196EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/01/10 6:38 p.m.5 views

dotnet: .NET Denial of Service Vulnerability

A Denial of Service vulnerability was found in .NET Core project templates that utilize JWT-based authentication tokens. This issue may allow an unauthenticated client to consume arbitrarily large amounts of server memory, potentially triggering an out-of-memory condition on the server and making...

6.8CVSS5.7AI score0.02868EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.3 views

OpenTelemetry-Go Contrib Security Vulnerability

OpenTelemetry-Go Contrib is a collection of OpenTelemetry Go extensions open-sourced by OpenTelemetry. A security vulnerability exists in OpenTelemetry-Go Contrib that stems from a potential server memory exhaustion when a large number of malicious requests are sent to the server...

7.5CVSS6.8AI score0.01364EPSS
Exploits0References16
CNVD
CNVD
added 2018/03/27 12:0 a.m.2 views

textpattern denial of service vulnerability

textpattern is an excellent blogging system. A security vulnerability exists in the Import XML feature in textpattern version 4.6.2. An attacker can exploit this vulnerability by uploading a specially crafted XML file to cause a denial of service exhaustion of server memory resources...

7.8CVSS6.8AI score0.01391EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/02/27 7:0 p.m.20 views

CVE-2018-6532

An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted authenticated and unauthenticated requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer...

7.6AI score0.01389EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/09/02 12:0 a.m.28 views

samba3 DoS attack

Code found in nmbd and smbd may allow a remote attacker to effectively crash the nmbd server or use the smbd server to exhaust the system memory...

6.4AI score
Exploits0References1
Rows per page
Query Builder