1685 matches found
CVE-2026-56810
Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint Mint.HTTP1 module allows a denial of service via an oversized chunked transfer-encoded response. This vulnerability is associated with program files lib/mint/http1.ex and program routines...
Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites
Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...
Allocation of Resources Without Limits or Throttling
Overview github.com/elastic/fleet-server/internal/pkg/api is a control server to manage a fleet of elastic-agents. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting...
CVE-2026-56150
Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...
CVE-2026-49087
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...
CVE-2026-49087 Allocation of Resources Without Limits or Throttling in Kibana Leading to Denial of Service
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...
EUVD-2026-41088
Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...
CVE-2026-56150 Allocation of Resources Without Limits or Throttling in Fleet Server Leading to Denial of Service
Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...
EUVD-2026-41077
Allocation of Resources Without Limits or Throttling CWE-770 in Fleet Server can lead to a denial of service via Excessive Allocation CAPEC-130. An attacker can submit a specially crafted request to an upload endpoint that causes excessive memory consumption, which may render Fleet Server...
EUVD-2026-41072
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...
CVE-2026-12818
Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...
EUVD-2026-40257
Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling CWE-770 within their Modbus TCP service...
CVE-2026-12818
Delta Electronics DVP12SE PLCs are affected by a resource allocation vulnerability (CWE-770) in the Modbus TCP service. The issue entails unbounded resource usage due to lack of limits or throttling. CVSS data from the NVD indicates a CRITICAL severity with network attack vector, no privileges, a...
Security Bulletin: IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries.
Summary IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries. Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote us...
CVE-2024-54178
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...
EUVD-2024-55643
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...
CVE-2024-54178
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...
CVE-2024-54178
CVE-2024-54178 concerns IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data, affecting versions 4.8, 5.0, 5.1, 5.2, and 5.3. An authenticated user can cause a denial of service when creating new databases due to improper allocation of resources. The CVSS data indicates a Network...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the upload function. An attacker can cause the server to become unresponsive for all users by sending a specially crafted multipart form-data request with an excessively long...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx4en: A use-after-free bug has been fixed in mlx4entryallocresources. In mlx4entryallocresources, the mlx4encopypriv function is called, and tmp-txcq will be freed during the error path of mlx4encopypriv. After that,...