Lucene search
K

59 matches found

Cvelist
Cvelist
added last week31 views

CVE-2026-49087 Allocation of Resources Without Limits or Throttling in Kibana Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS0.00251EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 3:8 a.m.12 views

EUVD-2026-35974

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

5.3CVSS5.5AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-41284

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade ...

7.5CVSS7.1AI score0.0078EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 2:14 p.m.12 views

EUVD-2026-31119

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 2:11 p.m.41 views

CVE-2026-8486 Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

5.3CVSS0.00395EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.14 views

PT-2026-42188

Name of the Vulnerable Software and Affected Versions MOVEit Automation versions prior to 2025.0.11 MOVEit Automation versions 2025.1.0 through 2025.1.6 Description An issue exists where resources are allocated without limits or throttling, which allows for excessive allocation. Recommendations...

7.5CVSS5.8AI score0.00364EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/14 8:40 p.m.11 views

CVE-2026-44679 Tuist: Forgot password flow lacks throttling for reset email delivery

Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes ...

6.9CVSS5.8AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 8:40 p.m.7 views

EUVD-2026-30485

Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes ...

6.9CVSS5.8AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2026/05/12 4:16 p.m.5 views

UBUNTU-CVE-2026-41284

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade ...

7.5CVSS5.7AI score0.0078EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/21 5:10 p.m.5 views

CVE-2026-40586

blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed authentication attempts are processed at full network speed with no IP-based rate limiting, no per-account attempt counter, no temporary lockout, no progressiv...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/04/07 10:12 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the baggage header extraction process. An attacker can cause excessive CPU and memory allocations by sending numerous baggage header lines, even if each individual value remains...

8.7CVSS5.8AI score0.00435EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens APE1808 Allocation of Resources Without Limits or Throttling (CVE-2024-46666)

An allocation of resources without limits or throttling CWE-770 vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests...

5.3CVSS7.3AI score0.00668EPSS
Exploits0References3
CVE
CVE
added 2026/03/16 11:54 a.m.9 views

CVE-2025-69246

Raytha CMS (CVE-2025-69246) is affected by a lack of brute-force protection in login, allowing automated multiple logon attempts. The issue is addressed in version 1.4.6; users should upgrade to mitigate risk. If upgrading is not feasible, apply any provided workaround or vendor guidance (not det...

9.8CVSS5.8AI score0.0038EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/12 9:50 a.m.5 views

asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...

7.5CVSS5.7AI score0.02818EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/11 12:33 a.m.2 views

EUVD-2026-11269

flagd Vulnerable to Allocation of Resources Without Limits or Throttling...

7.5CVSS5.8AI score0.0042EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/10 6:31 p.m.5 views

EUVD-2026-10694

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.02818EPSS
Exploits0References2
NVD
NVD
added 2026/03/10 6:18 p.m.3 views

CVE-2026-26130

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS0.02818EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2026/03/10 12:0 a.m.4 views

CVE-2026-26130

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.9AI score0.02818EPSS
Exploits0References5
Snyk
Snyk
added 2026/03/03 7:8 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Telegram DM message handling. An attacker can cause unauthorized media files to be downloaded and written to disk by sending...

7.1CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2026/03/02 9:8 a.m.4 views

BIT-GITLAB-2026-1725 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 before 18.9.1 that could have under certain conditions, allowed an unauthenticated user to cause denial of service by sending specially crafted requests to a CI jobs API endpoint...

7.5CVSS6AI score0.0035EPSS
Exploits0References4
Rows per page
Query Builder