Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.4 views

CVE-2025-65942

VictoriaMetrics is a scalable solution for monitoring and managing time series data. In versions from 1.0.0 to before 1.110.23, from 1.111.0 to before 1.122.8, and from 1.123.0 to before 1.129.1, affected versions are vulnerable to DoS attacks because the snappy decoder ignored VictoriaMetrics...

2.7CVSS6.7AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2025/11/25 10:25 p.m.3 views

CVE-2025-65942 VictoriaMetrics Snappy Decoder DoS Vulnerability is Causing OOM

VictoriaMetrics is a scalable solution for monitoring and managing time series data. In versions from 1.0.0 to before 1.110.23, from 1.111.0 to before 1.122.8, and from 1.123.0 to before 1.129.1, affected versions are vulnerable to DoS attacks because the snappy decoder ignored VictoriaMetrics...

2.7CVSS6.7AI score0.00298EPSS
Exploits0References7
Snyk
Snyk
added 2025/11/25 8:40 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the snappy:Decoder function. An attacker can cause excessive memory consumption and potential out-of-memory errors by sending malformed blocks that bypass request size limits. This...

5.1CVSS6.8AI score0.00298EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/11/25 8:40 p.m.7 views

VictoriaMetrics' Snappy Decoder DoS Vulnerability is Causing OOM

Impact Affected versions are vulnerable to DoS attacks because the snappy decoder ignored VictoriaMetrics request size limits allowing malformed blocks to trigger excessive memory use. This could lead to OOM errors and service instability. The fix enforces block-size checks based on MaxRequest...

2.7CVSS6.9AI score0.00298EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.9 views

VictoriaMetrics 安全漏洞

VictoriaMetrics is a time series database open-sourced by VictoriaMetrics. A security vulnerability exists in VictoriaMetrics versions 1.0.0 through 1.110.23 prior, 1.111.0 through 1.122.8 prior, and 1.123.0 through 1.129.1 prior, which stems from a request size limit being ignored by the snappy...

2.7CVSS6.2AI score0.00298EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/25 12:0 a.m.2 views

PT-2025-48095

Name of the Vulnerable Software and Affected Versions VictoriaMetrics versions 1.0.0 through 1.110.22 VictoriaMetrics versions 1.111.0 through 1.122.7 VictoriaMetrics versions 1.123.0 through 1.129.0 Description The software is susceptible to Denial of Service DoS attacks. The snappy decoder did...

2.7CVSS6.6AI score0.00298EPSS
Exploits0References17
GithubExploit
GithubExploit
added 2025/10/07 9:40 a.m.194 views

vmalert-operator

VMAlert Operator ⚠️ Proof of Concept Bridge Grafana Aler...

7.1AI score
Exploits0
Rows per page
Query Builder