13 matches found
CVE-2026-41483
OpenTelemetry.Resources.Azure (Azure VM resource detector) suffers from unbounded HTTP response body reads in AzureVmMetaDataRequestor when contacting the Azure VM metadata endpoint, causing unbounded memory usage and potential DoS. The issue affects versions 1.15.0-beta.1 and earlier; it is fixe...
CVE-2026-22815
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the OpenFeature feature toggle evaluation endpoint. An attacker can cause the system to read excessive data into memory by sending unbounded values, potentially leading to...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181
Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-47914 DESCRIPTION: SSH Agent...
PYSEC-2026-73
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading componentin GoogleKeras3.0.0 through 3.13.0on all platformsallows a remote attackerto cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpretervia a crafted .keras archive containin...
CVE-2025-32381
A flaw was found in Xgrammar. This vulnerability allows a denial of service DoS via unbounded memory usage when handling a large number of unique grammar inputs from untrusted sources. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the...
CVE-2020-29485
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
Information disclosure
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems using the Ocaml Xenstored implementation are...
oxenstored memory leak in reset_watches
ISSUE DESCRIPTION When acting upon a guest XSRESETWATCHES request, not all tracking information is freed. IMPACT A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. VULNERABLE SYSTEMS All version of Xen since 4.6 are vulnerable. Only systems using the Ocaml...
CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...
CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...
CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...
CVE-2018-15470
An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not...