109 matches found

CNNVD
added 2026/05/20 12:0 a.m. · 11 views

Progress Software MOVEit Security Vulnerability

Progress Software MOVEit is a secure hosted file transfer software developed by Progress Software Corporation in the United States. Versions of Progress Software MOVEit prior to 2025.0.11, as well as versions from 2025.1.0 to 2025.1.7, contained security vulnerabilities. These vulnerabilities wer...

CVSS 7.5 · AI score 5.8 · EPSS 0.00348
Exploits: 0 · References: 1
OSV
added 2026/05/12 2:17 p.m. · 6 views

UBUNTU-CVE-2026-42006

An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass t...

CVSS 4.3 · AI score 5.7 · EPSS 0.00307
Exploits: 0 · References: 4
Debian CVE
added 2026/05/12 1:28 p.m. · 6 views

CVE-2026-42006

An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of doing this, so there was still another way left open. In particular, the fix was for closing braces, but you could still use open braces to bypass t...

CVSS 4.3 · AI score 5.7 · EPSS 0.00307
Exploits: 0
Positive Technologies
added 2026/05/07 12:0 a.m. · 15 views

PT-2026-38441

Name of the Vulnerable Software and Affected Versions: ericmj decimal versions 0.1.0 through 2.x. Description: Uncontrolled Resource Consumption allows unauthenticated remote Denial of Service. The library does not bound the exponent on parsed input, meaning a decimal with an excessively large...

CVSS 6.9 · AI score 5.8 · EPSS 0.00321
Exploits: 0 · References: 10
Cvelist
added 2026/05/04 5:53 p.m. · 29 views

CVE-2026-42146 CImg Library: Uncontrolled memory allocation via nb_colors field in _load_bmp

CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it against the remaining file size. A crafted BMP file with a large nb_colors value triggers an...

CVSS 5.5 · EPSS 0.00119
Exploits: 0 · References: 4
EUVD
added 2026/03/19 6:31 p.m. · 3 views

EUVD-2026-13139

Memory Allocation with Excessive Size Value (CWE-789) in the Prometheus remote_write HTTP handler in Metricbeat can lead to Denial of Service via Excessive Allocation (CAPEC-130)...

CVSS 5.7 · AI score 5.8 · EPSS 0.00179
Exploits: 0 · References: 2
RedhatCVE
added 2026/01/09 9:58 a.m. · 6 views

CVE-2020-7052

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition...

CVSS 6.5 · AI score 7 · EPSS 0.01884
Exploits: 1 · References: 1
Veracode
added 2025/12/13 7:35 a.m. · 10 views

Uncontrolled Memory Allocation

pypdf is vulnerable to uncontrolled memory allocation. The vulnerability is due to improper handling of LZWDecode streams, which allows an attacker to craft a malicious PDF that causes excessive memory consumption up to 1 GB per stream during content parsing...

CVSS 8.7 · AI score 5.8 · EPSS 0.00313
Exploits: 0 · References: 5 · Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2021-21515

Malware in sbrugna...

CVSS 8.8 · AI score 7.9 · EPSS 0.00423
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-12444

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00852
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2023-12443

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00796
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2022-27373

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00305
Exploits: 0 · References: 2
BDU FSTEC
added 2025/07/28 12:0 a.m. · 4 views

The vulnerability of the Redis database management system, related to uncontrolled memory allocation, allows attackers to trigger service failures.

The vulnerability of the Redis database management system is related to uncontrolled memory allocation. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS 6.8 · AI score 5.4 · EPSS 0.00263
Exploits: 0 · References: 5 · Affected Software: 3
Vulnrichment
added 2025/07/22 9:36 p.m. · 4 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 · AI score 6.2 · EPSS 0.00432
Exploits: 0 · References: 3
OSV
added 2025/07/22 9:36 p.m. · 4 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 · AI score 6.4 · EPSS 0.00432
Exploits: 0 · References: 5
OSV
added 2025/07/16 2:22 p.m. · 5 views

GHSA-7XQM-7738-642X File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing

Summary: A Denial of Service (DoS) vulnerability exists in the file processing logic when reading a file on endpoint Filebrowser-Server-IP:PORT/files/file-name. While the server correctly handles and stores uploaded files, it attempts to load the entire content into memory during read operations...

CVSS 8.7 · AI score 6.1 · EPSS 0.00348
Exploits: 1 · References: 4
CVE
added 2025/07/15 5:47 p.m. · 24 views

CVE-2025-53893

CVE-2025-53893 affects the filebrowser/filebrowser 2.38.0 DoS vulnerability where the server loads entire file content into memory during reads (e.g., /files/{file-name} or /api/resources/{file-name}) without size checks, enabling an authenticated user to trigger memory exhaustion and potentially...

CVSS 8.7 · AI score 6.3 · EPSS 0.00348
Exploits: 1 · References: 2 · Affected Software: 1
Positive Technologies
added 2025/07/10 12:0 a.m. · 4 views

PT-2025-29086 · Open Information Security Foundation +1 · Suricata +1

Name of the Vulnerable Software and Affected Versions: Suricata versions 7.0.10 and below; Suricata versions 8.0.0-beta1 through 8.0.0-rc1. Description: Suricata, a network IDS, IPS, and NSM engine, is affected by an issue where mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory...

CVSS 7.8 · AI score 6.2 · EPSS 0.00432
Exploits: 0 · References: 20
Redos
added 2025/06/19 12:0 a.m. · 5 views

ROS-20250619-02

A vulnerability in the Net::IMAP module of the Ruby programming language is related to uncontrolled memory allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 6.5 · AI score 7 · EPSS 0.00409
Exploits: 0
RedhatCVE
added 2025/06/13 2:9 p.m. · 7 views

CVE-2025-4605

A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption...

CVSS 6.6 · AI score 5.4 · EPSS 0.00178
Exploits: 0 · References: 1