128 matches found
agents 资源管理错误漏洞
Agents is an open-source intelligent agent symbol learning and training framework developed by AIWaves. There is a resource management vulnerability in aiwaves-cn agents, which stems from the recallrelevantmemoriestoworkingmemory function in the core/cat/lookingglass/straycat.py file within the...
Security update for erlang
This update for erlang fixes the following issues: CVE-2025-48039:Fixed an excessive use of system resources. bsc1249469 CVE-2025-48038:Fixed an excessive use of system resources. bsc1249470 CVE-2025-48040:Fixed an excessive resource consumption. bsc1249472 Patch Instructions: To install this SUS...
CVE-2025-61728 Excessive CPU consumption when building archive index in archive/zip
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive...
CVE-2022-27937
Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264...
SUSE-SU-2026:0023-1 Security update for erlang26
This update for erlang26 fixes the following issues: - CVE-2025-48040: Excessive resource consumption bsc1249472 - CVE-2025-48039: Excessive use of system resources bsc1249469 - CVE-2025-48038: Excessive use of system resources bsc1249470...
EUVD-2022-32425
Malicious code in bioql PyPI...
EUVD-2025-10286
Malicious code in bioql PyPI...
EUVD-2025-7120
Malicious code in bioql PyPI...
EUVD-2025-5556
Malicious code in bioql PyPI...
Security Bulletin: IBM QRadar SIEM protocols are affected by denial of service.
Summary gRPC is affected by denial of service and connection termination issues due to flaws in request parsing and protocol handling. These issues may result in excessive resource consumption or unexpected disruptions in service availability. Vulnerability Details CVEID:CVE-2023-33953 DESCRIPTIO...
Withdrawn Advisory: microlight allows a denial of service
Withdrawn Advisory This advisory has been withdrawn because the proof of concept does not demonstrate a practical security impact. This link is maintained to preserve external references. Original Description A denial of service DoS vulnerability has been identified in the JavaScript library...
EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-1633)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to installation failure due to opm ( CVE-2022-41724, CVE-2022-41725, CVE-2022-41723, CVE-2015-3627, CVE-2023-25173, CVE-2023-25153, CVE-2022-23471, CVE-2023-24532 )
Summary Opm is used by IBM Cloud Pak for Data as part of the installation operator catalog. CVE-2022-41724, CVE-2022-41725, CVE-2022-41723, CVE-2015-3627, CVE-2023-25173, CVE-2023-25153, CVE-2022-23471, CVE-2023-24532. Vulnerability Details CVEID:CVE-2022-41724 DESCRIPTION: Golang Go is vulnerabl...
Apache Commons Configuration 1.x DoS Vulnerability
The Apache Commons Configuration library is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
CVE-2023-6193
quiche v. 0.15.0 through 0.19.0 was discovered to be vulnerable to unbounded queuing of path validation messages, which could lead to excessive resource consumption. QUIC path validation RFC 9000 Section 8.2 requires that the recipient of a PATHCHALLENGE frame responds by sending a PATHRESPONSE. ...
CVE-2025-32380
The CVE-2025-32380 issue affects Apollo Router Core (Rust). A vulnerability in the Router’s usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be excessively expensive to validate, triggering high resource consumption and potential denial of service. The roo...
CVE-2025-32380 Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router's usage of Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively...
CVE-2025-31496
apollo-compiler is a query-based compiler for the GraphQL query language. Prior to 1.27.0, a vulnerability in Apollo Compiler allowed queries with deeply nested and reused named fragments to be prohibitively expensive to validate. Named fragments were being processed once per fragment spread in...
CVE-2025-32032 Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan,...
CVE-2025-32031 Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal...