CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

CVE-2025-15542

Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...

MAL-2025-174647 Malicious code in hitachi-poke129 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92f9300dd4f1dd326f3471f178e15ae5f5f88e99d91105b8ad41e5714bba3191 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-159575 Malicious code in manapf-manuta-nutrsida (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb348153dcf2eb315c72cc2efe29f5bda17c535233054785ad1d18b7f7aed052 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140285 Malicious code in cache-slides-blaze-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c88be71e7482888225f7680add9cd29413792e910587914de99a7bc32af6ddf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in coastal_pike_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3750fd3ebd1f1a04154ab35de6ad7808075d558b9792d034037faef9cf95464b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-116662 Malicious code in realistic_perch_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 510850c2cf25f764296eaaaa296bf0f3b7331630f5bcd687d1334f733311cf27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in cici-kemplang50-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90e56862dde94b48f104e98dd2c936def8dd6cc5de6024dfc04cdde3e3004f93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dewanto-mangga70-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c11621ab469013615c6cef487760721657c1c177d0f8bba807b2d09bcc8b1622 The package dewanto-mangga70-sukiwir was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...

Unspecified vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29155)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from unrestricted resource allocation ...

Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4 安全漏洞

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from unrestricted resource allocation ...

EUVD-2020-2502

Malware in sbrugna...

EUVD-2022-32307

Malicious code in bioql PyPI...

Erlang/OTP 安全漏洞

Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from an...

CVE-2024-13065 Business Logic Error in Akinsoft's MyRezzta

Improper Enforcement of Behavioral Workflow, Uncontrolled Resource Consumption vulnerability in Akinsoft MyRezzta allows Input Data Manipulation, CAPEC - 125 - Flooding. This issue affects MyRezzta: from s2.02.02 before v2.05.01...

CVE-2020-10037

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. By performing a flooding attack against the web server, an attacker might be able to gain read access to the device's memory, possibly revealing confidential information...

ABB Cylon FLXeon 9.3.4 serialConfig.js Denial of Service

ABB Cylon FLXeon version 9.3.4 is vulnerable to an authenticated JSON flooding attack, leading to uncontrolled resource consumption and a denial-of-service DoS condition. The /api/serialConfig endpoint allows an authenticated attacker to abuse an unrestricted loop to create a large number of JSON...

Apache Answer Denial of Service Vulnerability

Apache Answer is a community platform of the Apache USA Foundation. A denial of service vulnerability exists in Apache Answer 1.2.1 and earlier versions, which can be exploited by attackers to conduct pixel flooding attacks by uploading large pixelated files, resulting in a server out of memory...

bind: processing large delegations may severely degrade resolver performance

A flaw was found in bind. When flooding the target resolver with special queries, an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service...

Design/Logic Flaw

By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service...