
571 matches found

Cvelist
added 2025/09/12 6:6 a.m. | 8 views

CVE-2025-2256 Improper Validation of Specified Quantity in Input in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses...

7.5 CVSS | 0.0047 EPSS
Exploits 0 | References 3

NVD
added 2025/09/09 2:15 a.m. | 3 views

CVE-2025-42930

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5 CVSS | 0.00296 EPSS
Exploits 0 | References 2

Cvelist
added 2025/09/09 2:11 a.m. | 6 views

CVE-2025-42930 Denial of Service (DoS) vulnerability in SAP Business Planning and Consolidation

SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...

6.5 CVSS | 0.00296 EPSS
Exploits 0 | References 2

OSV
added 2025/08/19 5:15 p.m. | 4 views

AZL-66455 CVE-2025-38610 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw The get_pd_power_uw function can crash with a NULL pointer dereference when em_cpu_get returns NULL. This occurs when a CPU becomes impossible during runtime, causing...

5.5 CVSS | 5.6 AI score | 0.00146 EPSS
Exploits 0 | References 1

NVD
added 2025/08/12 3:15 a.m. | 4 views

CVE-2025-42976

SAP NetWeaver Application Server ABAP BIC Document allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can...

8.1 CVSS | 0.00372 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2025/08/08 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-7811

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs were reported in Firefox 55. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of thes...

10 CVSS | 8.4 AI score | 0.02275 EPSS
Exploits 1 | References 2

NVD
added 2025/08/06 12:15 a.m. | 25 views

CVE-2025-54869

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker...

6 CVSS | 0.00279 EPSS
Exploits 0 | References 2

Debian CVE
added 2025/08/05 11:34 p.m. | 7 views

CVE-2025-54869

FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker...

6 CVSS | 5.5 AI score | 0.00279 EPSS
Exploits 0

Tenable Nessus
added 2025/08/05 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-3653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided...

8.8 CVSS | 6.8 AI score | 0.00413 EPSS
Exploits 1 | References 2

CNNVD
added 2025/07/29 12:0 a.m. | 2 views

IBM Db2 for Linux Security Vulnerability

IBM Db2 is a relational database management system from IBM that supports a variety of operating systems, including Linux. A denial of service vulnerability exists in IBM Db2 for Linux versions 12.1.0, 12.1.1, and 12.1.2, which originates from executable segments waiting for each other to release...

7.5 CVSS | 6.5 AI score | 0.00228 EPSS
Exploits 0 | References 1

Veracode
added 2025/07/08 8:18 a.m. | 5 views

Regular Expression Denial Of Service (ReDoS)

fastapi-guard is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability is due to inefficient regex pattern matching due to use of poorly optimized regular expressions that cause polynomial-time backtracking on crafted inputs, leading to high CPU usage and service...

7.5 CVSS | 6.2 AI score | 0.00422 EPSS
Exploits 1 | References 4 | Affected Software 1

Veracode
added 2025/07/08 6:1 a.m. | 7 views

Denial Of Service (DoS)

mcp is vulnerable to improper input validation. The vulnerability is due to a validation error when processing malformed requests, which allows an attacker to trigger unhandled exceptions and cause service unavailability (500 errors) until the service is manually restarted...

8.7 CVSS | 6.1 AI score | 0.05693 EPSS
Exploits 0 | References 6 | Affected Software 1

RedhatCVE
added 2025/07/06 10:21 p.m. | 11 views

CVE-2025-53366

A flaw was found in MCP. The MCP Python SDK contains a validation error that leads to an unhandled exception when processing malformed requests. This flaw allows a remote attacker to trigger this condition by sending a crafted request, resulting in an application-level service interruption...

8.7 CVSS | 6.2 AI score | 0.05693 EPSS
Exploits 0 | References 6

NVD
added 2025/07/04 10:15 p.m. | 3 views

CVE-2025-53366

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually...

8.7 CVSS | 0.05693 EPSS
Exploits 0 | References 3

CVE
added 2025/07/04 10:5 p.m. | 26 views

CVE-2025-53366

CVE-2025-53366 relates to the MCP Python SDK (PyPI: mcp). Before version 1.9.4, a validation error can trigger an unhandled exception when processing malformed requests, resulting in service unavailability (HTTP 500) that requires manual restart. The issue varies by deployment conditions and resi...

8.7 CVSS | 6.4 AI score | 0.05693 EPSS
Exploits 0 | References 3

OSV
added 2025/07/04 10:5 p.m. | 3 views

CVE-2025-53366 MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually...

8.7 CVSS | 6.6 AI score | 0.05693 EPSS
Exploits 0 | References 5

Vulnrichment
added 2025/07/04 10:5 p.m. | 2 views

CVE-2025-53366 MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually...

8.7 CVSS | 7.1 AI score | 0.05693 EPSS
Exploits 0 | References 3

CNVD
added 2025/07/04 12:0 a.m. | 1 views

Denial of Service Vulnerability in Multiple Advantech Products (CNVD-2026-13233)

Advantech WISE-4060LAN is an industrial automation controller from Advantech, Taiwan, China. A denial of service vulnerability exists in multiple Advantech products, which can be exploited by attackers to cause a remote denial of service and system unavailability...

6.5 CVSS | 5.8 AI score | 0.00215 EPSS
Exploits 0 | References 1

Positive Technologies
added 2025/07/04 12:0 a.m. | 7 views

PT-2025-28027

Name of the Vulnerable Software and Affected Versions: MCP Python SDK versions prior to 1.9.4
Description: A validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability until manually restarted. The impact may vary...

8.7 CVSS | 5.2 AI score | 0.05693 EPSS
Exploits 0 | References 16

Vulnrichment
added 2025/07/03 12:16 p.m. | 4 views

CVE-2025-49595 n8n Vulnerable to Denial of Service via Malformed Binary Data Requests

n8n is a workflow automation platform. Prior to version 1.99.0, there is a Denial of Service vulnerability in the /rest/binary-data endpoint when processing empty filesystem URIs (filesystem:// or filesystem-v2://). This allows authenticated attackers to cause service unavailability through malformed...

4.9 CVSS | 6.9 AI score | 0.00379 EPSS
Exploits 0 | References 3