9 matches found
CVE-2026-56149
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...
EUVD-2024-53214
Malicious code in bioql PyPI...
CVE-2025-38076
In the Linux kernel, the following vulnerability has been resolved: alloctag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still in use and if so, we keep the memory containing module's allocation tags alive until all tags...
CVE-2024-46668
An allocation of resources without limits or throttling vulnerability CWE-770 in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple...
CVE-2024-57881 mm/page_alloc: don't call pfn_to_page() on possibly non-existent PFN in split_large_buddy()
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: don't call pfntopage on possibly non-existent PFN in splitlargebuddy In splitlargebuddy, we might call pfntopage on a PFN that might not exist. In corner cases, such as when freeing the highest pageblock in the last...
CVE-2024-56668
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix qibatch NULL pointer with nested parent domain The qibatch is allocated when assigning cache tag for a domain. While for nested parent domain, it is missed. Hence, when trying to map pages to the nested parent, NU...
Allocation Of Resources Without Limits
Synapse is vulnerable to Allocation Of Resources Without Limits. The vulnerability is due to improper handling of multipart/form-data requests, which can transiently increase memory consumption, allowing attackers to amplify DoS attacks...
SUSE-SU-2017:1379-1 Security update for libplist
This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data bsc1019531. - CVE-2017-5545: T...
CVE-2016-2858
QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an entropy request, which triggers arbitrary stack based allocation and memory corruption...