65 matches found
Allocation of Resources Without Limits or Throttling
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the base64 media decoding. An attacker can exhaust system memory resources by submitting oversized base64-encoded payloads, leadin...
CVE-2025-54161
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
Allocation of Resources Without Limits or Throttling
Overview org.webjars.npm:seroval is a Stringify JS values Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when serializing objects with very large depth. An attacker can cause resource exhaustion and disrupt service availability by submitti...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash repeatedly by sending crafted requests over multiple protocols with high privileges. Remediation...
CVE-2026-0531
CVE-2026-0531 affects Kibana Fleet. Vulnerability: Allocation of Resources Without Limits or Throttling (CWE-770) enabling Excessive Allocation (CAPEC-130) via a specially crafted bulk retrieval request. Root cause: repetitive database retrievals that rapidly consume memory, leading to server cra...
BIT-KIBANA-2025-68389 Kibana Allocation of Resources Without Limits or Throttling
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 of computing resources and a denial of service DoS of the Kibana process via a crafted HTTP request...
CVE-2025-68384
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
CVE-2025-68384
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
BIT-GITLAB-2025-14157 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters...
CVE-2025-14466
The CVE affects Güralp Fortimus/Minimus/Certimus series web interfaces. An unauthenticated attacker with network access can send specially crafted HTTP requests that cause the web service process to restart, producing a brief denial-of-service during restart. Public documents do not specify techn...
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (December 2025)
Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling...
OESA-2025-2846 qt6-qtdeclarative security update
. Security Fixes: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text componen...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unknown fields that aren't checked. An attacker can disrupt consensus and cause all block proposals to be rejected by submitting specially crafted vote extensions with...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...
CVE-2025-53411
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-44007
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation There is no fixed versio...
Allocation Of Resources Without Limits
Bouncy Castle is vulnerable to Allocation of Resources Without Limits. The vulnerability is due to excessive allocation due to improper handling in the AESNativeCBC.java implementation...
CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources
Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...