Lucene search
K

186 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.6 views

CVE-2026-28253

A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cause a denial-of-service condition...

8.7CVSS5.8AI score0.00307EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/11 9:11 p.m.9 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS5.8AI score0.02818EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 10:29 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Allocation of Resources Without Limits or Throttling vulnerability (CVE-2025-8885)

Summary There is a vulnerability in bc-fips-1.0.2.5.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-8885. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

6.3CVSS5.5AI score0.00541EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/02/11 12:17 p.m.23 views

CVE-2025-57711 Qsync Central

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

6.9CVSS0.00469EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.10 views

PT-2026-7566

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...

5.1CVSS5.6AI score0.00469EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

Qnap QTS and QuTS hero Allocation of Resources Without Limits or Throttling (CVE-2025-47208)

An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same...

7.1CVSS5.6AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2026/01/14 9:14 a.m.4 views

RLSA-2026:0525 Moderate: postgresql16 security update

PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

7.5CVSS6.8AI score0.00332EPSS
Exploits0References2
Elastic
Elastic
added 2026/01/13 8:45 p.m.12 views

Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-03)

Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation ESA-2026-03 Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted request. This causes the application to perfor...

6.5CVSS6.9AI score0.00273EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/12 12:0 a.m.8 views

Security update for cpp-httplib (important)

openSUSE Security Update: Security update for cpp-httplib Announcement ID: openSUSE-SU-2026:0007-1 Rating: important References: 1245414 1246468 1246471 Cross-References: CVE-2025-52887 CVE-2025-53628 CVE-2025-53629 CVSS scores: CVE-2025-52887 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

8.8CVSS7.1AI score0.00505EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.21 views

CVE-2021-27502

Texas Instruments TI-RTOS, when configured to use HeapMem heapdefault, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMemallocUnprotected' and result in code execution...

7.8CVSS7.4AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.11 views

CVE-2021-27431

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...

9.8CVSS7.1AI score0.01048EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

Elastic Elasticsearch 安全漏洞

Elastic Elasticsearch is a search engine based on the Lucene library from the Dutch company Elastic. A security vulnerability exists in Elastic Elasticsearch that stems from an unrestricted resource allocation that could lead to a denial of service...

6.5CVSS6.3AI score0.00275EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/11 8:38 a.m.4 views

CVE-2025-66564

A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header...

7.5CVSS6AI score0.00411EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/28 7:16 p.m.6 views

Security Bulletin: Astronomer with IBM is vulnerable to unbounded memory allocation due to the axios package (CVE-2025-58754)

Summary Axios is used by Astronomer with IBM as part of the HTTP processing functionality. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL wi...

7.5CVSS6.4AI score0.0106EPSS
Exploits1Affected Software1
Rockylinux
Rockylinux
added 2025/11/25 9:4 a.m.6 views

mingw-expat security update

An update is available for mingw-expat. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. The mingw-expat packages...

7.5CVSS7AI score0.01279EPSS
Exploits1
Snyk
Snyk
added 2025/11/03 5:7 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to lack of note length validation. An attacker can cause permanent corruption of issue activity logs and disrupt collaboration by...

7.5CVSS7AI score0.00375EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 7:31 p.m.5 views

EUVD-2025-32887

The NASA’s Interplanetary Overlay Network ION is an implementation of Delay/Disruption Tolerant Networking DTN. A BPv7 bundle with a malformed extension block causes uncontrolled memory allocation inside ION-DTN 4.1.3s, leading to receiver thread termination and a Denial-of-Service DoS. The...

7.5CVSS6.5AI score0.00331EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-11766

Malware in sbrugna...

5.5CVSS5AI score0.01291EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-20567

Malware in sbrugna...

8.8CVSS7.8AI score0.04486EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-13056

Malware in sbrugna...

6.5CVSS6.5AI score0.01053EPSS
Exploits1References2
Rows per page
Query Builder