EUVD-2025-206554

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36123

CVE-2025-36123 affects IBM Db2 for Linux, UNIX and Windows (including DB2 Connect Server) 11.5.0–11.5.9 and 12.1.0–12.1.3. The vulnerability stems from improper allocation of system resources, enabling a local user to cause a denial of service when copying large tables that contain XML data. Impa...

EUVD-2025-19776

Malicious code in bioql PyPI...

EUVD-2024-42207

Malicious code in bioql PyPI...

EUVD-2025-18409

Malicious code in bioql PyPI...

EUVD-2025-10538

Malicious code in bioql PyPI...

EUVD-2022-34419

Malicious code in bioql PyPI...

EUVD-2022-38876

Malicious code in bioql PyPI...

BIT-TOMCAT-2025-48988 Apache Tomcat: FileUpload large number of parts with headers DoS

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0 through 11.0.7, from 10.1.0 through 10.1.41, from 9.0.0 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be affected:...

Amazon Linux 2 : tomcat (ALAS-2025-2919)

The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2919 advisory. Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from...

IROAD Q9 安全漏洞

IROAD Q9 is a car recorder from IROAD, Korea. A security vulnerability exists in IROAD Q9 20250624 and prior versions, which stems from a resource allocation issue in the MFA pairing request processor...

CVE-2025-48976

Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fi...

CVE-2025-48988 Apache Tomcat: FileUpload large number of parts with headers DoS

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. The following versions were EOL at the time the CVE was created but are known to be...

CVE-2024-46667

A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections...

CVE-2024-46668

An allocation of resources without limits or throttling vulnerability CWE-770 in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple...

CVE-2023-37934

An allocation of resources without limits or throttling vulnerability CWE-770 in FortiPAM 1.0 all versions allows an authenticated attacker to perform a denial of service attack via sending crafted HTTP or HTTPS requests in a high frequency...

CVE-2023-2666

Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16...

CVE-2023-3566

A vulnerability was found in wallabag 2.5.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /config of the component Profile Config. The manipulation of the argument Name leads to allocation of resources. The exploit has been disclosed ...

CVE-2022-3295

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...

Security Bulletin: Vulnerability in commons-compress affects IBM Integrated Analytics System (Sailfish) [CVE-2024-25710, CVE-2024-26308]

Summary The commons-compress package is used by IBM Integrated Analytics System . IBM Integrated Analytics System has addressed the applicable CVECVE-2024-25710, CVE-2024-26308. Vulnerability Details CVEID:CVE-2024-25710 DESCRIPTION: Loop with Unreachable Exit Condition 'Infinite Loop'...