Lucene search
K

574 matches found

CVE
CVE
added 2026/05/11 10:16 a.m.18 views

CVE-2025-10470

CVE-2025-10470 affects WSO2 Identity Server's Magic Link authentication flow. The vulnerability arises because the flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, causing uncontrolled memory usage growth. This can lead to a denial-of-servi...

8.6CVSS5.8AI score0.00317EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/11 10:16 a.m.7 views

CVE-2025-10470

The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth. This vulnerability can result in a denial-of-service condition, causing service unavailability for deployments that...

8.6CVSS5.8AI score0.00317EPSS
Exploits0References2Affected Software2
RedHat Linux
RedHat Linux
added 2026/05/04 1:37 a.m.16 views

dotnet: .NET: Denial of Service via stack overflow

A flaw was found in .NET. A remote attacker could exploit a stack overflow vulnerability during encrypted key nested decryption, leading to a Denial of Service DoS. This could make the affected system unavailable to legitimate users...

7.5CVSS6.3AI score0.01553EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/24 12:31 a.m.5 views

EUVD-2026-25363

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchd...

8.1CVSS5.7AI score0.00324EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 12:16 a.m.4 views

CVE-2026-40623

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchd...

8.1CVSS0.00324EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/15 12:1 a.m.6 views

EUVD-2026-22817

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Versions 1.8-rc-1, 17.0.0-rc-1 and 17.5.0-rc-1 and prior include a resource exhaustion vulnerability in REST API endpoints such as...

6.9CVSS5.8AI score0.00405EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32406

Uncontrolled Resource Consumption CWE-400 in Kibana can lead to denial of service via Excessive Allocation CAPEC-130. An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.4 views

PT-2026-31345

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An authenticated user with access to the automatic import feature can submit specially crafted requests with excessively large input values. When multiple such requests are sent concurrently,...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/12 3:27 p.m.9 views

asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...

7.5CVSS5.7AI score0.02818EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/12 9:34 a.m.6 views

asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...

7.5CVSS5.7AI score0.02818EPSS
Exploits0References5
CNVD
CNVD
added 2026/03/12 12:0 a.m.7 views

OpenClaw Denial of Service Vulnerability (CNVD-2026-13832)

OpenClaw is an open source framework for data acquisition. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability by triggering a memory exhaustion via an oversized response with no content-length, resulting in service unavailability...

8.7CVSS5.8AI score0.00426EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is a tool for working with archived files. A denial of service vulnerability exists in OpenClaw. An attacker can exploit this vulnerability to exhaust CPU, memory, and disk resources via a highly inflated ZIP/TAR archive file, resulting in service degradation or system unavailability...

6.7CVSS5.8AI score0.00319EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may...

7.1CVSS5.6AI score0.00199EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/11 7:44 p.m.4 views

CVE-2026-25612

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS5.5AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2026/02/10 6:16 p.m.12 views

CVE-2026-25612

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS0.00199EPSS
Exploits0References2
OSV
OSV
added 2026/02/10 6:16 p.m.4 views

UBUNTU-CVE-2026-25612

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/10 6:5 p.m.4 views

CVE-2026-25612 Internal ResourceId collision may affect unrelated collections

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS5.5AI score0.00199EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/10 6:5 p.m.28 views

CVE-2026-25612 Internal ResourceId collision may affect unrelated collections

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS0.00199EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/10 6:5 p.m.3 views

CVE-2026-25612

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

7.1CVSS5.5AI score0.00199EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/10 6:5 p.m.19 views

CVE-2026-25612

CVE-2026-25612 concerns the MongoDB server’s internal locking mechanism, which uses an internal resource encoding to decide locks. This can cause collisions between collections in that representation, leading to unavailability due to conflicting locks. Metrics indicate a high availability impact ...

7.1CVSS5.5AI score0.00199EPSS
Exploits0References2
Rows per page
Query Builder