31 matches found
VMware Spring Data Commons 资源管理错误漏洞
VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. There is a resource management vulnerability in VMware Spring Data Commons. This vulnerability arises when the attribute path string controlled by the attacker is passed to the...
ImageMagick 资源管理错误漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It can read, convert, and write images in various formats. Versions of ImageMagick prior to 6.9.13-50 and 7.1.2-25 contained a resource management vulnerability. This vulnerability stemmed from...
kafka-python 资源管理错误漏洞
Kafka-Python is a distributed stream processing engine client library written entirely in Python by Dana Powers. Versions of Kafka-Python prior to 2.3.2 contained a resource management vulnerability. This vulnerability stemmed from the lack of verification of the iteration count during SCRAM...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the WebAppInstalls component after its release, potentially allowing local attackers to execute...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Chromecast component’s ability to reuse resources after release, which could allow remote attackers who have...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from Chromoting’s ability to reuse resources after they were released, which could allow remote attackers to execute...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of WebML after its release, which could allow remote attackers to execute arbitrary code within a sandb...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability, which stemmed from issues with reusing resources after they were released in Skia. This vulnerability could allow remote attackers who have...
deskflow 资源管理错误漏洞
Deskflow is an open-source tool for sharing keyboards and mice across devices. Versions of Deskflow prior to 1.26.0.167 contained a resource management vulnerability. This vulnerability arises from a fatal error branch that occurs when the TLS handshake fails, causing SecureSocket::secureAccept t...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Core objects after its release, which could allow remote attackers to exploit the vulnerability...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after the Fullscreen mode was released, which could allow remote attackers to exploit the...
Apache Neethi 资源管理错误漏洞
Apache Neethi is a policy processing framework library developed by the Apache Foundation. There is a resource management vulnerability in Apache Neethi, which stems from the algorithmic complexity involved in policy normalization. This vulnerability may cause specially crafted WS-Policy document...
facil.io 资源管理错误漏洞
facil.io is a C-language high-performance web application microframework developed by Bo’s individual developer. Facil.io has a resource management vulnerability; this vulnerability arises when fiojsonparse enters an infinite loop upon encountering nested JSON values that start with “i” or “I”,...
Podman Desktop 资源管理错误漏洞
Podman Desktop is an open-source container management tool developed by podman-desktop. Versions of Podman Desktop prior to 1.26.2 contained a resource management vulnerability. This vulnerability stemmed from an unverified HTTP server that lacked connection limits and timeout mechanisms, which...
libfuse 资源管理错误漏洞
libfuse is an open-source user-space file system development library developed by libfuse. Versions of libfuse 3.18.0 to 3.18.2 contained a resource management vulnerability. This vulnerability stemmed from issues with the iouring subsystem, where objects were reclaimed and then reused, potential...
FreeRDP 资源管理错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.22.0 contained a resource management vulnerability. This vulnerability stemmed from videotimer sending client notifications after the control channel was closed, which...
ROS-20251106-03
A vulnerability in the Rack module interface of the Ruby programming language interpreter is related to incorrect header processing in "Rack::Sendfile". header processing in "Rack::Sendfile". Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially...
EUVD-2025-32356
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...
Microsoft WinJS winjsdevelop Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft WinJS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of WinJS. When installed from the official Microsoft NPM repository, th...
Lunary 资源管理错误漏洞
Lunary is Lunary open source a production toolkit for LLM . A security vulnerability exists in Lunary version 105a3f6 that originates from allowing users to upload and execute arbitrary regular expressions, which can be exploited by an attacker to potentially cause a regular expression denial of...