GHSA-X5XW-28W4-53J5 imaginAIry Denial of Service (DoS) vulnerability
A Denial of Service (DoS) vulnerability exists in the brycedrennan/imaginairy repository, version 15.0.0. The vulnerability is present in the /api/stablestudio/generate endpoint, which can be exploited by sending an invalid request. This causes the server process to terminate abruptly, outputting...
CVE-2024-12063
A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...
Linux Distros Unpatched Vulnerability : CVE-2016-3615
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and...
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
CVE-2025-23193
CVE-2025-23193 describes an information-disclosure vulnerability in SAP NetWeaver Server ABAP. An unauthenticated attacker can provoke the server to respond differently depending on the existence of a specified user, potentially leaking sensitive information. The issue does not enable data modifi...
CVE-2024-56200
Altair is a fork of Misskey v12. In affected versions, a lack of request validation and a lack of authentication in the image proxy for compressing and resizing remote files could allow attacks that could affect availability, such as by abnormally increasing the CPU usage of the server on which this...
Denial Of Service (DoS)
body-parser is vulnerable to Denial of Service (DoS). The vulnerability is due to inadequate handling of URL encoding in body-parser, which allows an attacker to flood the server with excessive requests, potentially disrupting the server's availability...
HTTP/2: large amount of data requests leads to denial of service
A flaw was found in HTTP/2. An attacker can request a large amount of data by manipulating window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this queue can consume excess CPU, memory, or both, leading to a...
CVE-2024-39693
Next.js is a React framework. A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server. This vulnerability was resolved in Next.js 13.5 and later...
CVE-2024-39693
CVE-2024-39693 is a DoS in Next.js (React framework) that can crash the server, affecting availability. The issue affects Next.js versions prior to 13.5 and is resolved in 13.5 and later. Connected sources consistently describe a DoS condition without detailing exploit vectors or specific vulnera...
GHSA-FQ54-2J52-JC42 Next.js Denial of Service (DoS) condition
Impact: A Denial of Service (DoS) condition was identified in Next.js. Exploitation of the bug can trigger a crash, affecting the availability of the server. This vulnerability can affect all Next.js deployments on the affected versions. Patches: This vulnerability was resolved in Next.js 13.5 and...
Next.js Security Vulnerability
Next.js is a React framework open-sourced by Vercel. A security vulnerability exists in versions of Next.js prior to 13.4.0 through 13.5 that stems from the presence of a denial-of-service (DoS) condition, which could affect server availability...
BIT-WILDFLY-2020-27822
A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server...
CVE-2023-5196
Mattermost fails to enforce character limits in all possible notification props allowing an attacker to send a really long value for a notificationprop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users...
GHSA-X4HH-VJM7-G2JV Faktory Web Dashboard can lead to denial of service (DoS) via malicious user input
Summary: Faktory web dashboard can suffer from denial of service by a crafted malicious URL query param `days`. Details: The vulnerability is related to how the backend reads the `days` URL query parameter in the Faktory web dashboard. The value is used directly without any checks to create a string...
CVE-2023-32114 Denial of Service in SAP NetWeaver
SAP NetWeaver Change and Transport System, versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly with the intent to slow down the server or make it unavailable, which may lead to a limited impact ...
SICK FTMg Resource Management Error Vulnerability
SICK FTMg is a flow sensor from SICK, Germany. A security vulnerability exists in the SICK FTMg AIR FLOW SENSOR that stems from the presence of uncontrolled resource consumption, which allows an unprivileged remote attacker to compromise the availability of a web server by invoking multiple open...
PT-2023-22188 · Sap · Sap Netweaver As Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP Business Server Pages versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757 Description: The issue allows an attacker authenticated as a non-administrative user to craft a request with certain...
mariadb: assertion failure in sql/item_func.cc
A flaw was found in the MariaDB Server. It contains a segmentation fault via the component sql/item_func.cc:148, affecting availability...