CVE-2026-8199

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

CVE-2025-58344

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation in a /proc/driver/unifi0/connlogeventbursttous write operation, leading to kernel memory...

CVE-2025-68799 caif: fix integer underflow in cffrml_receive()

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although CLIENTSMAX ...

SUSE-SU-2025:21192-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.5. Security issues fixed: - CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation bsc1254431. - CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't...

AZL-44151 CVE-2024-27316 affecting package mod_http2 for versions less than 2.0.29-3

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion...

CVE-2018-11280

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. If the user input size of the NAT entry is greater than the max allowed size, memory exhaustion will occur...

UBUNTU-CVE-2013-4359

Integer overflow in kbdint.c in modsftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service memory consumption via a large response count value in an authentication request, which triggers a large memory allocation...