651 matches found
OpenTelemetry.Resources.Azure has an unbounded HTTP response body read
Summary OpenTelemetry.Resources.Azure reads unbounded HTTP response bodies from the Azure VM remote instance metadata service endpoint into memory. This would allow an attacker-controlled endpoint or one acting as a Man-in-the-Middle MitM to cause excessive memory allocation and possible process...
JLSEC-2026-261 Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter...
Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading ...
CVE-2026-33594
CVE-2026-33594 describes a memory exhaustion issue where a client floods a DoH backend with queries, causing excess memory allocation as queries accumulate in a buffer that is only released at the end of the connection. The connected sources confirm the root cause (buffer growth tied to overloade...
CVE-2026-33594 Outgoing DoH excessive memory allocation
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
CVE-2026-33594
A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...
PT-2026-34438
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A client can trigger excessive memory allocation by generating a large volume of queries routed to an overloaded DNS over HTTPS DoH backend. This causes queries ...
PowerDNS DNSdist 安全漏洞
PowerDNS DNSdist is a proxy software provided by PowerDNS that offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the ability of clients to trigger excessive memory allocation by generating a large number of...
EUVD-2026-24217
Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers /api/state, /api/restore, and /api/history-svg that process incoming requests by accumulating the entire request body into a...
CVE-2026-40481
monetr is a budgeting application for recurring expenses. In versions 1.12.3 and below, the public Stripe webhook endpoint buffers the entire request body into memory before validating the Stripe signature. A remote unauthenticated attacker can send oversized POST payloads to cause uncontrolled...
CVE-2026-40481
monetr is a budgeting application for recurring expenses. In versions 1.12.3 and below, the public Stripe webhook endpoint buffers the entire request body into memory before validating the Stripe signature. A remote unauthenticated attacker can send oversized POST payloads to cause uncontrolled...
CVE-2026-32216
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...
EUVD-2026-22599
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...
CVE-2026-32216
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...
CVE-2026-32216
CVE-2026-32216 is a Windows Redirected Drive Buffering vulnerability caused by a null pointer dereference, enabling an authorized, local attacker to perform a Denial of Service. Affected software is Windows (Redirected Drive Buffering component); impact is local DoS as described in sources. Micro...
CVE-2026-32216 Windows Redirected Drive Buffering System Denial of Service Vulnerability
...
CVE-2026-32216
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...
CVE-2026-32216 Windows Redirected Drive Buffering System Denial of Service Vulnerability
...
Windows Redirected Drive Buffering System Denial of Service Vulnerability
Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...
Microsoft Windows Redirected Drive Buffering 代码问题漏洞
Microsoft Windows Redirected Drive Buffering is a core network file system component of the American company Microsoft, providing support and buffering management for various network micro-redirector drivers, such as the SMB protocol. There are code-related vulnerabilities in Microsoft Windows...
PT-2026-32859
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to cause a local denial of service, which can lead to system crashes or connection failures...