42 matches found
Allocation of Resources Without Limits or Throttling
Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling while processing PDF files. An attacker can cause the server to crash or become unresponsive by uploading a specially crafted PDF file that triggers memory exhaustion or an endless...
CVE-2025-69229
A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. An attacker can exploit this vulnerability by sending a large number of chunks in a message. This can lead to excessive blocking CPU usage when the application processes the request, potentially...
UBUNTU-CVE-2025-67726
Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values, such as thos...
EUVD-2019-0386
Malware in sbrugna...
EUVD-2022-38520
Malicious code in bioql PyPI...
EUVD-2025-4104
Malicious code in bioql PyPI...
EUVD-2025-6823
Malicious code in bioql PyPI...
Denial Of Service (DoS)
vllm is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of excessively large HTTP headers in GET requests, which allows an attacker to exhaust server memory and cause a crash or unresponsiveness...
SUSE CVE-2025-6203
A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault's auditing subroutine, potentially resulting in the Vault server to become...
tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
A flaw was found in Apache Tomcat. This vulnerability allows an application-level denial of service (DoS), causing it to become unresponsive or slow via maliciously crafted HTTP/2 prioritization headers. It performs an incomplete cleanup of failed requests, which triggers a memory leak...
CVE-2024-47214
An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would...
Denial of Service (DoS)
Overview: aim is a super-easy way to record, search and compare AI experiments. Affected versions of this package are vulnerable to Denial of Service (DoS) through the tracking server. An attacker can cause the server to become unresponsive to other requests by sending very large images that exceed...
H2O Vulnerable to Denial of Service (DoS) via Large GZIP Parsing
In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. The server becomes unresponsive due to memory exhaustion and a large number of concurrent slow-running jobs. This issue arises from the improper handling...
CVE-2025-0191
A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...
CVE-2025-0191 Denial of Service in gaizhenbiao/chuanhuchatgpt
A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...
CVE-2024-8789 Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary
Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. The application allows users to upload their own regular expressions, which are then executed on the server side. Certain regular expressions can have exponential runtime complexity relative...
OpenDJ Denial of Service (DoS) using alias loop
Summary: A denial-of-service (DoS) vulnerability in OpenDJ has been discovered that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsearch request is executed with alias...
CVE-2025-27419 Denial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service (DoS) vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerabilit...
WeGIA Security Vulnerability
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.16, which stems from the fact that an unauthenticated user can cause the server to become unresponsive through a large number of requests...
Regular Expression Denial Of Service (ReDoS)
@octokit/request is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to an unbounded regular expression match, allowing an attacker to send a malicious link header, leading to excessive CPU usage and potential server unresponsiveness...