Lucene search

51 matches found

AlpineLinux
added 2026/05/13 3:17 p.m. | 12 views

CVE-2026-44432

urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) when...

CVSS 8.9 | AI score 5.8 | EPSS 0.0068
Exploits 0 | References 45
RedHat Linux
added 2026/01/28 3:32 p.m. | 13 views

urllib3: urllib3 Streaming API improperly handles highly compressed data

A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it...

CVSS 8.9 | AI score 5.9 | EPSS 0.00633
Exploits 0 | References 6
RedhatCVE
added 2026/01/09 9:3 a.m. | 26 views

CVE-2024-39895

Directus is a real-time API and App dashboard for managing SQL database content. A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single...

CVSS 6.5 | AI score 7.3 | EPSS 0.00795
Exploits 1 | References 1
OSV
added 2025/12/02 6:30 p.m. | 8 views

GO-2025-4155 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

CVSS 7.5 | AI score 6.7 | EPSS 0.00459
Exploits 2 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-18667

Malware in sbrugna...

CVSS 7.8 | AI score 7.7 | EPSS 0.04006
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-16241

Malware in sbrugna...

CVSS 7.5 | AI score 6.5 | EPSS 0.01014
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-57650

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00493
Exploits 0 | References 1
Vulnrichment
added 2025/09/11 8:13 a.m. | 3 views

CVE-2025-48038 Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh sshsftp modules allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4...

CVSS 5.3 | AI score 5.4 | EPSS 0.00359
Exploits 0 | References 7
Tenable Nessus
added 2025/06/11 12:0 a.m. | 1 views

EulerOS 2.0 SP13 : dhcp (EulerOS-SA-2025-1610)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An...

CVSS 7.5 | AI score 7 | EPSS 0.14614
Exploits 0 | References 2
RedhatCVE
added 2025/05/22 8:46 a.m. | 9 views

CVE-2019-6667

On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX (Financial Information eXchange) profile applied...

CVSS 7.5 | AI score 6.9 | EPSS 0.01014
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 7:10 a.m. | 7 views

CVE-2019-6661

When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources...

CVSS 7.5 | AI score 6.9 | EPSS 0.01044
Exploits 0 | References 1
OSV
added 2025/03/20 10:15 a.m. | 4 views

CVE-2024-10935

automatic1111/stable-diffusion-webui version 1.10.0 contains a vulnerability where the server fails to handle excessive characters appended to the end of multipart boundaries. This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary,...

CVSS 7.5 | AI score 5.8 | EPSS 0.00765
Exploits 1 | References 1
SUSE CVE
added 2025/01/24 4:12 a.m. | 8 views

SUSE CVE-2024-10846

The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...

CVSS 6.5 | AI score 6.9 | EPSS 0.00223
Exploits 0 | References 4
Veracode
added 2024/12/20 7:12 a.m. | 5 views

Denial Of Service (DoS)

org.apache.tomcat, tomcat-catalina is vulnerable to Denial of Service (DoS). The vulnerability is due to excessive resource consumption in the examples web application, which allows an attacker to cause a denial of service...

CVSS 5.3 | AI score 6.4 | EPSS 0.01914
Exploits 0 | References 33 | Affected Software 2
OSV
added 2024/10/31 3:59 p.m. | 27 views

CVE-2024-50354 Out-of-memory during deserialization with crafted inputs

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocates excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory...

CVSS 5.5 | AI score 7 | EPSS 0.00324
Exploits 1 | References 5
Ubuntu
added 2024/10/14 12:54 p.m. | 25 views

USN-7067-1: HAProxy vulnerability

It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to consume excessive resources, leading to a denial of service...

CVSS 7.5 | AI score 7.2 | EPSS 0.99999
Exploits 19
Tenable Nessus
added 2024/10/14 12:0 a.m. | 36 views

Ubuntu 18.04 LTS : HAProxy vulnerability (USN-7067-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7067-1 advisory. It was discovered that HAProxy did not properly limit the creation of new HTTP/2 streams. A remote attacker could possibly use this issue to cause HAProxy to...

CVSS 7.5 | AI score 7.3 | EPSS 0.99999
Exploits 19 | References 2
OSV
added 2024/07/08 6:41 p.m. | 43 views

GHSA-7HMH-PFRP-VCX4 Directus GraphQL Field Duplication Denial of Service (DoS)

Summary: A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the flexibility of GraphQL to overwhelm a server by requesting the same field multiple times in a single query. This can cause the server to perform redundant computations and...

CVSS 7.1 | AI score 6.4 | EPSS 0.00795
Exploits 1 | References 4
CNVD
added 2023/11/30 12:0 a.m. | 16 views

Mattermost Denial of Service Vulnerability (CNVD-2023-9448711)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial of service vulnerability that stems from an inability to limit the log size of server logs, which can be exploited by an attacker to consume excessive resources and cau...

CVSS 5.3 | AI score 6.7 | EPSS 0.00632
Exploits 0 | References 1
Veracode
added 2023/11/07 5:32 a.m. | 27 views

Denial Of Service (DoS)

org.eclipse.parsson:parsson is vulnerable to Denial of Service (DoS). An attacker is able to exploit this vulnerability by sending a specially crafted JSON document with large numbers, which would cause the parser to consume excessive resources leading to a Denial of Service...

CVSS 7.5 | AI score 6.9 | EPSS 0.00764
Exploits 1 | References 3 | Affected Software 1