Lucene search
+L

214 matches found

nvd
nvd
added 2026/07/01 5:16 p.m.7 views

CVE-2026-49087

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS0.00251EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 11:33 p.m.8 views

CVE-2026-45664

A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS. Mitigation Mitigation for this iss...

7.5CVSS5.1AI score0.00441EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.18 views

ImageMagick 资源管理错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 6.9.13-47 and 7.1.2-22 contained a resource management vulnerability due to a lack of chec...

7.5CVSS5.2AI score0.00441EPSS
Exploits0References2
redhat
redhat
added 2026/06/07 12:59 a.m.1 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS6.3AI score0.0068EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2026/05/29 7:35 p.m.11 views

CVE-2026-46599 Excessive resource consumption in PackBits decompression in golang.org/x/image/tiff

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

5.8AI score0.00353EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/29 7:35 p.m.40 views

CVE-2026-46599 Excessive resource consumption in PackBits decompression in golang.org/x/image/tiff

The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height and encoded size to make the decoder decode large amounts of compressed data...

0.00353EPSS
Exploits0References4
euvd
euvd
added 2026/05/20 2:14 p.m.13 views

EUVD-2026-31119

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/11 12:0 a.m.11 views

agents 资源管理错误漏洞

Agents is an open-source intelligent agent symbol learning and training framework developed by AIWaves. There is a resource management vulnerability in aiwaves-cn agents, which stems from the recallrelevantmemoriestoworkingmemory function in the core/cat/lookingglass/straycat.py file within the...

6.9CVSS6AI score0.0038EPSS
Exploits0References2
nvd
nvd
added 2026/05/07 2:16 p.m.10 views

CVE-2025-14341

Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...

8.3CVSS0.00221EPSS
Exploits0References1
redhat
redhat
added 2026/04/29 1:26 p.m.8 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS6.7AI score0.00633EPSS
Exploits0References6
osv
osv
added 2026/04/24 4:32 p.m.10 views

CLSA-2026-1777048319 openssl: Fix of CVE-2023-0464

CVE-2023-0464: fix excessive resource use when verifying X.509 policy constraints...

7.5CVSS7.1AI score0.03658EPSS
Exploits0References1
opensuse
opensuse
added 2026/04/21 12:0 a.m.7 views

Security update for cockpit (important)

openSUSE security update: security update for cockpit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20504-1 Rating: important References: bsc1257836 bsc1258641 Cross-References: CVE-2026-25547 CVE-2026-26996 CVSS scores: CVE-2026-25547 SUSE : 7.5...

8.7CVSS5.7AI score0.00519EPSS
Exploits1References2
redhat
redhat
added 2026/04/20 1:27 p.m.4 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS6.8AI score0.00633EPSS
Exploits0References6
suse
suse
added 2026/04/10 11:36 a.m.4 views

Security update for cockpit-podman

This update for cockpit-podman fixes the following issues: CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and may crash a Node.js process bsc1257836. CVE-2026-26996: minimatch: ReDoS when glob pattern contains many consecutive...

8.7CVSS5.8AI score0.00519EPSS
Exploits1References8
redhat
redhat
added 2026/03/10 11:45 p.m.5 views

gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

A flaw was found in GnuTLS. This vulnerability allows a denial of service DoS by excessive CPU Central Processing Unit and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names SANs...

5.3CVSS5.7AI score0.00638EPSS
Exploits1References5
nessus
nessus
added 2026/03/02 12:0 a.m.5 views

SUSE SLES15: erlang / erlang-debugger / erlang-debugger-src / erlang-dialyzer / etc (SUSE-SU-2026:0661-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0661-1 advisory. - CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 - CVE-2025-48038:Fixed an excessive use of...

6.9CVSS5.8AI score0.00402EPSS
Exploits0References10
suse
suse
added 2026/02/26 3:10 p.m.7 views

Security update for erlang

This update for erlang fixes the following issues: CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472 Patch Instructions: To install this SUS...

6.9CVSS5.4AI score0.00402EPSS
Exploits0References12
redhat
redhat
added 2026/02/24 12:6 p.m.6 views

golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip

A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A ...

6.5CVSS5.7AI score0.00643EPSS
Exploits1References8
redhat
redhat
added 2026/02/16 11:56 a.m.5 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
redhat
redhat
added 2026/02/03 7:28 a.m.3 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
Rows per page
Query Builder