50 matches found
Astra Linux - vulnerability in redis
Redis is an open-source, in-memory database that persists data on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to values specified by the user, which determine the number of elements in the multi-bulk header and the size of each element in...
GHSA-77VG-94RM-HX3P Svelte devalue: DoS via sparse array deserialization
devalue.parse could, due to quirks in some JavaScript engines, be convinced to allocate much more memory than was needed when deserializing sparse arrays, leading to excessive memory consumption...
CVE-2026-42946
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream...
CVE-2026-43169
A flaw was found in the drm/buddy component of the Linux kernel. This vulnerability occurs when the system processes memory allocation requests, particularly for contiguous or large non-contiguous blocks. Incorrect rounding of the requested size can lead to an allocation exceeding available memor...
Astra Linux - vulnerability in erlang
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet si...
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots. syzbot is reporting too large allocation at input_mt_init_slots(), for num_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows possible max slots, this patch chose 1024...
CVE-2026-23052
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory. The pg_remaining calculation in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIES_PER_PAGE is...
EUVD-2026-5494
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory. The pg_remaining calculation in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIES_PER_PAGE is...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unvalidated numsyncs parameter that could lead to over-allocation...
PT-2026-6122
In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory. The pg_remaining calculation in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIES_PER_PAGE ...
CVE-2025-68389
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request...
UBUNTU-CVE-2025-68390
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request...
Qt security vulnerability
Qt is a cross-platform application development framework from the Qt open source. A security vulnerability exists in Qt versions 5.0.0 through 6.5.10, 6.6.0 through 6.8.5, and 6.9.0 through 6.10.0, which stems from a lack of input validation and could lead to resource over-allocation...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the removal of the limit on the number of NFSv4 COMPOUND operations, which could lead to an over-allocation ...
Bouncy Castle Java security vulnerability
Bouncy Castle Java is a cryptographic algorithm program open-sourced by Legion of the Bouncy Castle Inc. A security vulnerability exists in Bouncy Castle Java FIPS version 2.1.0 through 2.1.1 and LTS version 2.73.0 through 2.73.7, which stems from uncontrolled consumption of resources that could...
Temporal OSS Server security vulnerability
Temporal OSS Server is an open source workflow orchestration engine from Temporal. A security vulnerability exists in Temporal OSS Server versions prior to 1.26.3, prior to 1.27.3, and prior to 1.28.1, which stems from insufficient checking of authorization header boundaries and could lead to...
Erlang/OTP security vulnerability
Erlang/OTP is an Erlang/OTP open source library written in JavaScript that handles handling exceptions. The library catches exceptions raised by the node.js built-in API. A security vulnerability exists in Erlang/OTP versions 17.0 through 28.0.3, 27.3.4.3, and 26.2.5.15, which stems from an...
Bouncy Castle security vulnerability
Bouncy Castle is a collection of APIs used in cryptography organized by Bouncy Castle. It includes APIs for the Java and C programming languages. A security vulnerability exists in Bouncy Castle version 2.1.0, which stems from uncontrolled resource consumption and could lead to over-allocation...
Bouncy Castle Java security vulnerability
Bouncy Castle Java is a cryptographic algorithm program open-sourced by Legion of the Bouncy Castle Inc. A security vulnerability exists in Bouncy Castle Java version 2.1.0, which stems from a resource over-allocation issue in the org.Bouncycastle.Crypto.Fips.NativeLoader file...
Bouncy Castle security vulnerability
Bouncy Castle is a collection of APIs used in cryptography organized by Bouncy Castle. It includes APIs for the Java and C programming languages. A security vulnerability exists in Bouncy Castle versions 1.44 through 1.78, which stems from an unrestricted resource allocation that could lead to...