Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/22 7:0 a.m.6 views

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

5.9AI score0.00187EPSS
Exploits0References2
OSV
OSV
added 2026/05/15 8:42 a.m.4 views

BIT-GRAFANA-2026-33378 Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 7:28 p.m.58 views

CVE-2026-33378 Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:28 p.m.11 views

CVE-2026-33378 Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 7:28 p.m.31 views

CVE-2026-33378

CVE-2026-33378 concerns Grafana’s Data Source Plugin. The vulnerability arises from the __timeGroup macro when used with a SQL datasource, allowing an attacker to trigger a DoS by causing an OOM on the server. The attack requires no user interaction and has network access with low privileges. If ...

6.5CVSS5.8AI score0.00328EPSS
Exploits0References1Affected Software1
Grafana
Grafana
added 2026/05/13 12:0 a.m.9 views

Grafana Data Source Plugin: DoS (OOM) via Negative Interval Injection in $__timeGroup Macro

Using the $timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set up to auto-restart, the impact is minimal or non-existent, as the attack can take upwards of half an hour to crash the server...

6.5CVSS5.8AI score0.00328EPSS
Exploits0
OSV
OSV
added 2026/03/30 4:38 p.m.3 views

GHSA-CP8R-8JVW-V3QG nginx-ui Vulnerable to DoS via Negative Integer Input in Logrotate Interval

Summary An input validation vulnerability in the logrotate configuration allows an authenticated user to cause a complete Denial of Service DoS. By submitting a negative integer for the rotation interval, the backend enters an infinite loop or an invalid state, rendering the web interface...

6.9CVSS6AI score0.00948EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29090

Name of the Vulnerable Software and Affected Versions Nginx UI versions prior to 2.3.4 Description An input validation issue in the logrotate configuration allows an authenticated user to cause a Denial of Service DoS. Submitting a negative integer for the rotation interval causes the backend to...

6.9CVSS5.8AI score0.60368EPSS
Exploits18References46
BDU FSTEC
BDU FSTEC
added 2016/07/19 12:0 a.m.38 views

The vulnerability of the Cairo vector graphics library, which allows a hacker to cause a service failure

The vulnerability of the fillxrgb32lerpopaquespans function in the Cairo vector graphics library is due to buffer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure such as out-of-memory reading or application termination by setting the length of the interv...

5CVSS7.6AI score0.01805EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder