Lucene search
+L

65 matches found

snyk
snyk
added 2026/02/18 12:52 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the base64 media decoding. An attacker can exhaust system memory resources by submitting oversized base64-encoded payloads, leadin...

7.5CVSS5.6AI score0.00274EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/02/12 1:43 p.m.7 views

CVE-2025-54161

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS5.6AI score0.00408EPSS
Exploits0References1
snyk
snyk
added 2026/01/22 3:46 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:seroval is a Stringify JS values Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when serializing objects with very large depth. An attacker can cause resource exhaustion and disrupt service availability by submitti...

8.7CVSS5.5AI score0.00403EPSS
Exploits0References2
snyk
snyk
added 2026/01/19 11:0 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Optimizer component. An attacker can cause the application to hang or crash repeatedly by sending crafted requests over multiple protocols with high privileges. Remediation...

6.9CVSS5.5AI score0.00337EPSS
Exploits0References2
cve
cve
added 2026/01/13 9:5 p.m.24 views

CVE-2026-0531

CVE-2026-0531 affects Kibana Fleet. Vulnerability: Allocation of Resources Without Limits or Throttling (CWE-770) enabling Excessive Allocation (CAPEC-130) via a specially crafted bulk retrieval request. Root cause: repetitive database retrievals that rapidly consume memory, leading to server cra...

6.5CVSS6.3AI score0.00416EPSS
Exploits0References1Affected Software1
osv
osv
added 2025/12/20 11:39 a.m.3 views

BIT-KIBANA-2025-68389 Kibana Allocation of Resources Without Limits or Throttling

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 of computing resources and a denial of service DoS of the Kibana process via a crafted HTTP request...

6.5CVSS6.4AI score0.00271EPSS
Exploits0References2
nvd
nvd
added 2025/12/18 10:16 p.m.5 views

CVE-2025-68384

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...

6.5CVSS0.00275EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2025/12/18 10:16 p.m.6 views

CVE-2025-68384

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...

6.5CVSS5.9AI score0.00275EPSS
Exploits0References2
osv
osv
added 2025/12/18 12:4 p.m.3 views

BIT-GITLAB-2025-14157 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters...

6.5CVSS6.6AI score0.00275EPSS
Exploits0References3
cve
cve
added 2025/12/16 9:31 p.m.12 views

CVE-2025-14466

The CVE affects Güralp Fortimus/Minimus/Certimus series web interfaces. An unauthenticated attacker with network access can send specially crafted HTTP requests that cause the web service process to restart, producing a brief denial-of-service during restart. Public documents do not specify techn...

6.9CVSS6.6AI score0.00346EPSS
Exploits0References2
ibm
ibm
added 2025/12/16 6:45 a.m.10 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (December 2025)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

8.8CVSS7.2AI score0.00461EPSS
Exploits0Affected Software1
osv
osv
added 2025/12/12 12:21 p.m.5 views

OESA-2025-2846 qt6-qtdeclarative security update

. Security Fixes: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text componen...

8.7CVSS6.7AI score0.00273EPSS
Exploits0References2
snyk
snyk
added 2025/11/24 11:32 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to unknown fields that aren't checked. An attacker can disrupt consensus and cause all block proposals to be rejected by submitting specially crafted vote extensions with...

7CVSS6.7AI score
Exploits0References2
snyk
snyk
added 2025/11/10 10:43 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...

6.9CVSS6.4AI score0.0024EPSS
Exploits0References2
snyk
snyk
added 2025/11/10 10:43 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...

6.9CVSS6.5AI score0.0024EPSS
Exploits0References2
nvd
nvd
added 2025/11/07 4:15 p.m.5 views

CVE-2025-53411

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

5.1CVSS0.00474EPSS
Exploits0References1
nvd
nvd
added 2025/10/03 6:15 p.m.6 views

CVE-2025-44007

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...

7.1CVSS0.0034EPSS
Exploits0References1
snyk
snyk
added 2025/09/30 9:6 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the send hooks. An attacker can exhaust system resources by triggering excessive gas consumption through recursive calls in the wasm contract. Remediation There is no fixed versio...

8.8CVSS6.7AI score0.00312EPSS
Exploits0References3
veracode
veracode
added 2025/09/12 9:51 a.m.4 views

Allocation Of Resources Without Limits

Bouncy Castle is vulnerable to Allocation of Resources Without Limits. The vulnerability is due to excessive allocation due to improper handling in the AESNativeCBC.java implementation...

5.9CVSS6.7AI score0.00149EPSS
Exploits0References3Affected Software2
osv
osv
added 2025/09/11 8:13 a.m.5 views

CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

5.3CVSS5.9AI score0.00359EPSS
Exploits0References11
Rows per page
Query Builder