Lucene search
K

1704 matches found

Vulnrichment
Vulnrichment
added 2026/06/01 3:33 a.m.16 views

CVE-2026-48187 Email with special content can lead to DoS

An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS: 8.0.X 2023.X 2024.X 2025.X 2026.X before 2026.4.X Please note that OTRS Community Edition 6.x,...

5.7CVSS5.8AI score0.00201EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/29 9:14 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of limits on the size of PackBits-compressed data during decompression. An attacker can cause excessive resource consumption by submitting a specially crafted image...

8.7CVSS5.8AI score0.00353EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 7:43 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the parsing of maliciously crafted Git repository data, such as .pack, .idx, or loose objects. An attacker can cause the application to panic by providing a payload that excee...

6.9CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/29 7:43 p.m.15 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the parsing of maliciously crafted Git repository data, such as .pack, .idx, or loose objects. An attacker can cause the application to panic by providing a payload that excee...

6.9CVSS5.8AI score
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/05/28 12:34 p.m.20 views

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

9.2CVSS6.2AI score0.4581EPSS
Exploits18References44
OSV
OSV
added 2026/05/28 9:10 a.m.8 views

BIT-GITLAB-2026-1402 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed an authenticated user to cause denial of service due to insufficient validation...

6.5CVSS5.8AI score0.00471EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 8:13 p.m.15 views

CVE-2025-36122

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.11 views

CVE-2026-47073

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The WebSocket client in src/hackneyws.erl imposes no upper bound on memory consumption in three code paths. First, readhandshakeresponse/3 accumulates received bytes into a growing buffer with n...

8.7CVSS5.9AI score0.00825EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/26 11:43 a.m.10 views

EUVD-2025-209928

An Allocation of Resources Without Limits or Throttling vulnerability in the OPC-UA Server used in PPT30 Operating System versions before 1.8.0 may be used by an unauthenticated network-based attacker to permanently prevent legitimate users from interacting with the service...

8.7CVSS5.8AI score0.00322EPSS
Exploits0References1
Redos
Redos
added 2026/05/26 12:0 a.m.19 views

ROS-20260526-73-0013

Vulnerability in golang-x-image related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

6.1CVSS5.8AI score0.00112EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.22 views

Important: httpd

Issue Overview: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue. CVE-2026-24072 Heap-based Buffer...

9.8CVSS5.8AI score0.01376EPSS
Exploits2
Redos
Redos
added 2026/05/26 12:0 a.m.14 views

ROS-20260526-73-0004

A vulnerability in the libexpat XML file parsing library is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS6.4AI score0.01279EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.14 views

Important: httpd

Issue Overview: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue. CVE-2026-24072 Heap-based Buffer...

9.8CVSS5.8AI score0.01376EPSS
Exploits2
Redos
Redos
added 2026/05/26 12:0 a.m.16 views

ROS-20260526-73-0011

Vulnerability in vault related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS5.8AI score0.00718EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.26 views

ROS-20260524-73-0014

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.34 views

ROS-20260524-73-0012

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
Redos
Redos
added 2026/05/24 12:0 a.m.16 views

ROS-20260524-73-0015

A vulnerability in the Libraries component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

3.7CVSS7.2AI score0.00269EPSS
Exploits0
OSV
OSV
added 2026/05/22 1:18 p.m.9 views

OESA-2026-2401 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to...

8.8CVSS5.8AI score0.00654EPSS
Exploits2References10
NVD
NVD
added 2026/05/20 4:16 p.m.18 views

CVE-2026-8488

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

7.5CVSS0.00364EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 2:14 p.m.13 views

EUVD-2026-31119

Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...

4.3CVSS5.8AI score0.00364EPSS
Exploits0References1
Rows per page
Query Builder