17 matches found
Apache HTTP Server 安全漏洞
Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.30 to 2.4.66. These...
CVE-2026-3505
Allocation of resources without limits or throttling, Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all pg modules. This vulnerability is associated with program files AEADEncDataPacket.Java, BcAEADUtil.Java, JceAEADUtil.Java,...
Allocation of Resources Without Limits or Throttling
Overview axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the Http2Sessions.getSession function in the HTTP/2 session cleanup. An attacker can cause the client process...
Security Update for Microsoft .NET Core (March 2026)
The version of tested product installed on the remote host is 8.x prior to 8.0.25, 9.x prior to 9.0.14, or 10.x prior to 10.0.4. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory: - Out-of-bounds read in .NET allows an unauthorized attacker to deny servic...
QNAP Qsync Central 安全漏洞
QNAP Qsync Central is a cloud-based file synchronization service for NAS devices provided by QNAP Technology Co., Ltd. Versions of QNAP Qsync Central prior to 5.0.0.4 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation or throttling, which could le...
EUVD-2022-0262
Malicious code in bioql PyPI...
EUVD-2022-24742
Malicious code in bioql PyPI...
EUVD-2022-35690
Malicious code in bioql PyPI...
EUVD-2023-2376
Malicious code in bioql PyPI...
CVE-2025-46807
A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4...
GO-2025-3557 Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama...
CVE-2024-52972
CVE-2024-52972 affects Kibana: an allocation of resources without limits or throttling can cause a crash via a specially crafted request to /api/metrics/snapshot. The issue is exploitable by users with read access to Observability Metrics or Logs in Kibana. Connected sources corroborate the same ...
scandium: Failing DTLS handshakes may cause throttling to block processing of records
A flaw was found in the Eclipse Californium Scandium package. This issue occurs when failing handshakes don't clean up counters for throttling, causing the threshold to be reached without being released again, resulting in a denial of service. An attacker could submit a high quantity of server...
CVE-2022-45471
In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address...
CVE-2022-3298 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...
Urlhunter - A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go. How? A group named URLTeam kudos to them are brute forcing the URL shortener services and publishing matched results on a daily basis. urlhunter...
CVE-2020-10876
The OKLOK 3.1.1 mobile companion app for Fingerprint Bluetooth Padlock FB50 2.3 does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. This allows an attacker to brute...