5668 matches found
CVE-2026-22259
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, specially crafted traffic can cause Suricata to consume large amounts of memory while parsing DNP3 traffic. This can lead to the process slowing down and running out of memory, potentially leading to it getting...
CVE-2025-66199
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000779)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000779 advisory. fs/namespace.c in the Linux kernel before 4.9 does not restrict how many mounts may exist in a mount namespace, which allows local users to cause a denial of service...
OPENSUSE-SU-2026:20044-1 Security update for alloy
This update for alloy fixes the following issues: Upgrade to version 1.12.1. Security issues fixed: - CVE-2025-47911: golang.org/x/net/html: quadratic complexity algorithms used when parsing untrusted HTML documents bsc1251509. - CVE-2025-58190: golang.org/x/net/html: excessive memory consumption...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002474)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002474 advisory. The kvmiommumappages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, whic...
CVE-2026-0531 Allocation of Resources Without Limits or Throttling in Kibana Fleet
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted bulk retrieval request. This requires an attacker to have low-level privileges equivalent to the viewer role, which grants read access to agent policies...
PT-2026-2292
Name of the Vulnerable Software and Affected Versions cpp-httplib versions prior to 0.30.1 Description A potential denial of service DoS condition exists in cpp-httplib due to the way it handles compressed HTTP request bodies, specifically those using gzip or br compression. The library checks th...
CVE-2018-19878
An issue was discovered on Teltonika RTU950 R31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory...
CVE-2018-4361
A memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...
CVE-2018-4474
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure...
CVE-2018-4452
A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious...
CVE-2010-0293
The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service memory consumption via spoofed 1 NTP or 2 cmdmon packets...
CVE-2021-33176
VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by...
CVE-2021-22010
The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service...
CVE-2021-22009
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI vCenter API service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service...
SUSE-SU-2026:20050-1 Security update for libvirt
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2025-13193: external inactive snapshots for shut-down VMs that are incorrectly created as world-readable allow unprivileged users to inspect guest OS contents bsc1253703. - CVE-2025-12748: parsing of user-provided XM...
CVE-2022-42795
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 16, iOS 16, macOS Ventura 13, watchOS 9. Processing a maliciously crafted image may lead to arbitrary code execution...
CVE-2019-20880
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. It allows attackers to cause a denial of service memory consumption via OpenGraph...
CVE-2019-20888
An issue was discovered in Mattermost Server before 5.7, 5.6.3, 5.5.2, and 4.10.5. It allows attackers to cause a denial of service memory consumption via an outgoing webhook or a slash command integration...
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption...