13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-21728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy...
Grafana Tempo has an Uncontrolled Resource Consumption issue
Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18...
GHSA-P4R4-XVRQ-GVMC Grafana Tempo has an Uncontrolled Resource Consumption issue
Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18...
CVE-2026-21728 Tempo query limit results in unbounded memory allocation
Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18...
CVE-2026-21728
CVE-2026-21728 affects Grafana Tempo: queries with large limits can trigger large memory allocations, potentially impacting service availability depending on deployment. Technical detail across sources confirms the issue arises from unbounded or excessive memory usage during large-limit tempo que...
EUVD-2025-35736
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files i...
EUVD-2003-0361
Malware in sbrugna...
CVE-2003-0366
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service CPU consumption via a large query...
GHSA-49M6-VRR9-2CQM MLflow Uncontrolled Resource Consumption vulnerability
In mlflow/mlflow version 2.17.2, the /graphql endpoint is vulnerable to a denial of service attack. An attacker can create large batches of queries that repeatedly request all runs from a given experiment. This can tie up all the workers allocated by MLFlow, rendering the application unable to...
SUSE CVE-2003-0581
X Fontserver for Truetype fonts xfstt 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a 1 FSQueryXExtents8 or 2 FSQueryXBitmaps8 packet, and possibly other types of packets, with a large numranges value, which causes an out-of-bounds array access...
USN-5747-1 bind9 vulnerabilities
It was discovered that Bind incorrectly handled large query name when using lightweight resolver protocol. A remote attacker could use this issue to consume resources, leading to a denial of service. CVE-2016-2775 It was discovered that Bind incorrectly handled large zone data size received via...
CVE-2003-0366
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service CPU consumption via a large query...
DEBIAN-CVE-2003-0366
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service CPU consumption via a large query...