25 matches found

ATTACKERKB
added 2026/01/19 7:17 p.m. · 2 views

CVE-2025-69199

Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.0, websockets within wings lack proper rate limiting and throttling. As a result a malicious user can open a large number of connections and then request data through these...

CVSS 8.3 · AI score 5.4 · EPSS 0.00251
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2026/01/19 12:0 a.m. · 3 views

Pterodactyl Panel security vulnerabilities

Pterodactyl Panel is an open-source game server management panel developed by Pterodactyl. Versions of Pterodactyl Panel prior to 1.12.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient rate limiting and throttling in WebSocket communication, as well as no limit...

CVSS 8.3 · AI score 5.8 · EPSS 0.00251
Exploits: 0 · References: 2
RedhatCVE
added 2026/01/09 9:13 a.m. · 6 views

CVE-2022-31079

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server read the entire message into memory without imposing a limit on the size o...

CVSS 6.5 · AI score 6.5 · EPSS 0.00593
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-0541

Malware in sbrugna...

CVSS 7.5 · AI score 7.6 · EPSS 0.03977
Exploits: 0 · References: 9
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2022-36024

Malicious code in bioql PyPI...

CVSS 7.7 · AI score 6.7 · EPSS 0.00821
Exploits: 0 · References: 1
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-1970

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.2 · EPSS 0.00671
Exploits: 0 · References: 6
RedHat Linux
added 2025/01/21 5:55 p.m. · 3 views

io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size

A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service...

CVSS 7.5 · AI score 5.7 · EPSS 0.0058
Exploits: 0 · References: 6
IBM Security Bulletins
added 2024/09/25 7:2 p.m. · 40 views

Security Bulletin: Vulnerability in RabbitMQ Java Client affects IBM watsonx.data

Summary: RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLength. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a memory overflow, resulting in a denial of service condition. This can affect...

CVSS 7.5 · AI score 7.8 · EPSS 0.01061
Exploits: 1 · Affected Software: 1
ATTACKERKB
added 2024/01/31 2:15 p.m. · 1 views

CVE-2023-6779

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...

CVSS 8.4 · AI score 6 · EPSS 0.04794
Exploits: 8 · References: 11
Positive Technologies
added 2024/01/30 12:0 a.m. · 4 views

PT-2024-1611 · Glibc +1 · Glibc +1

Name of the Vulnerable Software and Affected Versions: glibc versions 2.37 and newer Description: The issue is related to an off-by-one heap-based buffer overflow in the vsyslog internal function of the glibc library. This function is called by the syslog and vsyslog functions. The overflow occur...

CVSS 8.4 · AI score 6.6 · EPSS 0.04794
Exploits: 9 · References: 55
RedHat Linux
added 2023/12/07 1:55 p.m. · 2 views

openssl: Possible DoS translating ASN.1 object identifiers

A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...

CVSS 6.5 · AI score 6.8 · EPSS 0.77901
Exploits: 0 · References: 5
RedHat Linux
added 2023/12/07 1:53 p.m. · 2 views

openssl: Possible DoS translating ASN.1 object identifiers

A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...

CVSS 6.5 · AI score 6.8 · EPSS 0.77901
Exploits: 0 · References: 5
RedHat Linux
added 2023/12/07 12:21 p.m. · 2 views

openssl: Possible DoS translating ASN.1 object identifiers

A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when...

CVSS 6.5 · AI score 6.8 · EPSS 0.77901
Exploits: 0 · References: 5
SUSE CVE
added 2023/09/07 2:34 a.m. · 3 views

SUSE CVE-2023-39322

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size...

CVSS 7.5 · AI score 6.8 · EPSS 0.01137
Exploits: 0 · References: 9
Veracode
added 2023/06/05 2:4 a.m. · 38 views

Denial Of Service (DoS)

openssl is vulnerable to Denial of Service (DoS). The vulnerability causes applications that use 'OBJ_obj2txt' directly, or that use any OpenSSL subsystem with no message size limit, to experience notable to very long delays when processing those messages, which may lead to a Denial of Service...

CVSS 6.5 · AI score 6.8 · EPSS 0.77901
Exploits: 0 · References: 17 · Affected Software: 4
Tenable Nessus
added 2023/05/31 12:0 a.m. · 41 views

Debian DSA-5417-1 : openssl - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5417 advisory. - A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy...

CVSS 7.5 · AI score 6.5 · EPSS 0.77901
Exploits: 0 · References: 12
Prion
added 2022/07/20 2:15 a.m. · 19 views

Code injection

A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process...

CVSS 4 · AI score 6.5 · EPSS 0.00821
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2022/07/20 2:1 a.m. · 62 views

CVE-2022-32958

CVE-2022-32958 affects Teamplus Pro's chat functionality. A remote attacker with general user privileges can send a message to a Teamplus Pro chat group that exceeds the message size limit, with the result being termination of other recipients’ chat processes. The available connected sources desc...

CVSS 7.7 · AI score 6.6 · EPSS 0.00821
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2022/07/20 2:1 a.m. · 16 views

CVE-2022-32958 TEAMPLUS TECHNOLOGY INC. Teamplus Pro - Allocation of Resources Without Limits or Throttling

A remote attacker with general user privilege can send a message to Teamplus Pro’s chat group that exceeds message size limit, to terminate other recipients’ Teamplus Pro chat process...

CVSS 7.7 · AI score 7.7 · EPSS 0.00821
Exploits: 0 · References: 1
Positive Technologies
added 2022/07/20 12:0 a.m. · 6 views

PT-2022-21606 · Unknown · Teamplus Pro

Name of the Vulnerable Software and Affected Versions: Teamplus Pro affected versions not specified Description: A remote attacker with general user privilege can send a message to Teamplus Pro's chat group that exceeds the message size limit, which can terminate other recipients' Teamplus Pro ch...

CVSS 7.7 · AI score 6.4 · EPSS 0.00821
Exploits: 0 · References: 3