6168 matches found
ROS-20260708-73-0048
The vulnerability in dovecot is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service failures...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by uncontrolled resource consumption and denial of service. Vulnerability Details CVEID:CVE-2026-50645 DESCRIPTION: There is no restriction on the amount of attachment headers that a message can contain...
CVE-2026-24012
Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...
PT-2026-55599
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software does not enforce a timeout on git grep searches, which can allow expensive search operations to consume excessive server resources. Recommendations Update to version 1.25.5 or later...
CVE-2026-44740
A flaw was found in Billy, an interface filesystem abstraction for Go. This vulnerability allows a remote attacker to cause a Denial of Service DoS by providing crafted or malformed input. The issue arises from insufficient validation and missing safety mechanisms when processing untrusted...
CVE-2026-49090
Uncontrolled Resource Consumption CWE-400 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk request that causes sustained high CPU consumption, which can render the affected node unable to process request...
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...
Security Bulletin: IBM Integration Designer is vulnerable to multiple CVEs
Summary Multiple vulnerabilities are resolved: CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22021, CVE-2026-34268 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Security Bulletin: IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled
Summary IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled CVE-2026-9002 Vulnerability Details CVEID:CVE-2026-9002 DESCRIPTION: IBM WebSphere eXtreme Scale could allow an adjacent attacker to cause a denial of service due to improper validation in th...
ImageMagick: ImageMagick: Denial of Service due to excessive resource use in MNG coder
A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS...
EUVD-2026-31685
Hackney: ssl:connect/2 post-handshake upgrade has no timeout...
ROS-20260626-73-0027
The vulnerability in ImageMagick is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
ROS-20260626-73-0006
The vulnerability related to tempo involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
GO-2026-5528 Grafana Tempo has an Uncontrolled Resource Consumption issue in github.com/grafana/tempo
Grafana Tempo has an Uncontrolled Resource Consumption issue in github.com/grafana/tempo. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...
Security Bulletin: Java Updates for the April 2026 Vulnerability Advisory
Summary This interim fix addresses all applicable Java SE CVEs published by OpenJDK as part of their April 2026 Vulnerability Advisory: CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918...
Astra Linux – Vulnerability in libxml2
A flaw was discovered in the libxml2 library. This vulnerability arises from uncontrolled resource consumption when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this vulnerability by providing malicious catalogs,...
Uncontrolled Resource Consumption
pypdf is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to inefficient processing of PDF streams using the /FlateDecode filter with a PNG predictor, where specially crafted PDF content can trigger excessive computation during stream decoding, allowing attackers to cause...
urllib3: urllib3 Streaming API improperly handles highly compressed data
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip, deflate, br, or zstd. The library must read compressed data from the network and decompress it...
BIT-DOTNET-2026-45591 ASP.NET Core Denial of Service Vulnerability
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...
BIT-DOTNET-SDK-2026-45591 ASP.NET Core Denial of Service Vulnerability
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...