576 matches found
EUVD-2026-43586
SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and...
CVE-2026-47262
A flaw was found in containerd, an open-source container runtime. A remote attacker could exploit this vulnerability by providing a maliciously crafted image. When a container is created from this image, it leads to uncontrolled resource consumption and memory exhaustion, causing the containerd...
CVE-2026-47262
containerd is an open-source container runtime. Versions prior to 1.7.33, 2.0.10, 2.1.9, 2.2.5 and 2.3.2, contain a vulnerability that allows a maliciously crafted image to cause a Denial of Service DoS condition. When creating a container from this image, memory exhaustion occurs, leading to an...
CVE-2026-56148
Uncontrolled Recursion CWE-674 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. An authenticated user can submit a specially crafted query that causes excessive resource consumption while the request is processed, which may render the affected node unavailable...
CVE-2026-35505
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...
CVE-2025-61022
A flaw was found in openlink virtuoso-opensource. This issue, specifically within the sqlotbcolpreds component, allows attackers to cause a Denial of Service DoS by sending specially crafted SQL statements. This can lead to the unavailability of the service...
GHSA-4J89-2C4F-44C6 Gogs has DoS in rendering issue index pattern
Summary Special template of issue index pattern may cause panic. Details in internal/markup/markup.go go link = fmt.Sprintf%s, com.Expandmetas"format", metas, m Issue index pattern is rendered to link with com.Expand. However, com.Expand is not safe. go i = strings.Indextemplate, "" if s, ok :=...
EUVD-2026-35456
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests...
CVE-2026-28237
Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability...
PT-2026-47828
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests, leading to a denial of service...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the toString function in the AST Serialization. An attacker can cause uncontrolled recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability...
keycloak: Keycloak: Denial of Service via specially crafted SAML input
A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language SAML endpoint. This malicious input can cause high CPU usage and worker thread starvation, leading to a Denial of Service DoS where the server becomes...
dovecot: denial of service via crafted message before authentication
A flaw was found in dovecot. An unauthenticated and remote attacker can send a crafted message that causes managesieve to allocate an excessive amount of memory, forcing managesieve-login to be unavailable by repeatedly crashing the process, resulting in a denial of service...
qs: qs: Denial of Service via improper input validation in array parsing
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation e.g., a=value. This bypasses the arrayLimit option, which is designed to limit the size of...
SUSE CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
EUVD-2026-30139
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
CVE-2026-28379
A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause a fatal map access error. This results in complete service unavailability requiring restart of the Grafana server...
Denial of Service (DoS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of system resources. An attacker can cause the application to become unresponsive by sending specially crafted requests that...