
6 matches found

Snyk
added 2026/04/07 10:12 p.m. | 1 view

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...

8.7 CVSS | 5.8 AI score | 0.00077 EPSS
Exploits 1 | References 2
Vulnrichment
added 2026/04/07 8:29 p.m. | 1 view

CVE-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.36.0 to 1.40.0, multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. This allows an attacker to amplify CPU and allocations by sending many baggage: header lines...

7.5 CVSS | 5.9 AI score | 0.00077 EPSS
Exploits 1 | References 1
SUSE CVE
added 2025/08/12 11:35 p.m. | 1 view

SUSE CVE-2025-8885

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...

6.3 CVSS | 5.1 AI score | 0.00121 EPSS
Exploits 0 | References 3
Github Security Blog
added 2025/07/31 7:23 p.m. | 6 views

OpenEXR Out-Of-Memory via Unbounded File Header Values

Summary: The OpenEXR file format defines a lot of information about the final image inside the file header, such as the size of the data/display window. The application trusts the value of dataWindow size provided in the header of the input file, and performs computations based on this value. This may...

5.5 CVSS | 6.5 AI score | 0.00133 EPSS
Exploits 1 | References 4 | Affected Software 1
Positive Technologies
added 2025/03/21 12:0 a.m. | 4 views

PT-2025-12455

Name of the Vulnerable Software and Affected Versions: golang-jwt versions prior to 4.5.2; golang-jwt versions prior to 5.2.2. Description: The issue affects the parse.ParseUnverified function, which splits untrusted data on periods. This can lead to allocations of O(n) bytes when faced with a maliciou...

9.9 CVSS | 8 AI score | 0.91625 EPSS
Exploits 31 | References 205
OSV
added 2021/06/04 7:56 p.m. | 12 views

GSD-2021-1000662 USB: usbfs: Don't WARN about excessively large memory allocations

USB: usbfs: Don't WARN about excessively large memory allocations This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.193 by commit...

7.2 AI score
Exploits 0