Lucene search
K

631 matches found

EUVD
EUVD
added 2 days ago6 views

EUVD-2026-43095

Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack...

8.7CVSS6.1AI score0.0038EPSS
Exploits0References4
NVD
NVD
added 3 days ago7 views

CVE-2026-42952

Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack...

8.7CVSS0.0038EPSS
Exploits0References3
CVE
CVE
added 3 days ago7 views

CVE-2026-42952

CVE-2026-42952 concerns the Hydro-Québec Le Circuit Électrique charging-station backend. The issue is an improper restriction of excessive authentication attempts due to lack of throttling, which could enable a denial-of-service condition. Technical details in the connected records indicate an ex...

8.7CVSS6.1AI score0.0038EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-57339

Name of the Vulnerable Software and Affected Versions EV charging station backends affected versions not specified Description The charging station backend lacks throttling on repeated authentication attempts. This deficiency allows an attacker to perform a denial-of-service attack, which is a...

8.7CVSS6.1AI score0.0038EPSS
Exploits0References5
NVD
NVD
added 2026/07/06 11:16 a.m.10 views

CVE-2026-4249

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 10:16 a.m.39 views

CVE-2026-4249 Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS0.00339EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 10:16 a.m.7 views

EUVD-2026-41871

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS6AI score0.00339EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 10:16 a.m.7 views

CVE-2026-4249

The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service conditio...

8.6CVSS6AI score0.00339EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2026/07/06 10:16 a.m.17 views

CVE-2026-4249

The CVE-2026-4249 affects multiple WSO2 products where the throttling event handling accepts unvalidated JSON payloads. The underlying issue is insufficient validation of the structure/content, enabling an unauthenticated remote attacker to inject malicious JSON that can cause a persistent denial...

8.6CVSS6AI score0.00339EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/01 4:35 p.m.33 views

CVE-2026-49087 Allocation of Resources Without Limits or Throttling in Kibana Leading to Denial of Service

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted bulk deletion request that causes excessive resource consumption, which may render Kibana unavailable...

6.5CVSS0.00251EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 4:26 p.m.16 views

CVE-2026-56150

MODE C: CVE-2026-56150 affects Elastic Fleet Server via Allocation of Resources Without Limits or Throttling (upload endpoint memory exhaustion). Multiple connected sources describe the vulnerability in Fleet Server's internal API packages and uploader, enabling an attacker to exhaust RAM and pot...

7.5CVSS5.8AI score0.00312EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/30 9:16 p.m.7 views

CVE-2025-36319

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling...

4.3CVSS0.00431EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:23 p.m.14 views

CVE-2025-36319

CVE-2025-36319 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue allows an authenticated user to trigger a temporary denial of service via a specially crafted HTTP request caused by improper allocation of resource throttling. The connected data sources do no...

4.3CVSS5.8AI score0.00431EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.5 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00817EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are...

5.5CVSS6AI score0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-53974

Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can cause a temporary denial of service by sending a specially crafted HTTP request. This issue occurs due to improper allocation of resource...

4.3CVSS6AI score0.00431EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 9:47 a.m.4 views

Security Bulletin: Multiple Vulnerabilities in IBM DataStax Enterprise

Summary Multiple vulnerabilities were addressed in IBM DataStax Enterprise 6.9.23 Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This vulnerability is...

9.9CVSS7.3AI score0.01339EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/29 8:36 a.m.7 views

CVE-2026-53319

A flaw was found in the Linux kernel's block writeback throttling blk-wbt component. The wbtinitenabledefault function used a warning mechanism WARNONONCE for expected failure paths during memory allocation or if writeback throttling was already registered. This could lead to spurious warnings, b...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.10 views

SUSE CVE-2026-53319

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.8AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.3 views

DEBIAN-CVE-2026-53319

In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
Rows per page
Query Builder