| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series and HMI GC-A2 series, which may allow a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. |
| bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image meta data from JPEG, TIFF, PNG, and WebP files. The EXIF data format allows for defining excessively large data structures in relatively small payloads. Before v0.10.0, If you didn't trust the input images, this could be abused to construct denial-of-service attacks. v0.10.0 added LimitNumTags (default 5000) and LimitTagSize (default 10000) options. |
| The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations being frequently bypassed. The query planner includes an optimization that significantly speeds up planning for applicable GraphQL selections. However, queries with deeply nested and reused named fragments can generate many selections where this optimization does not apply, leading to significantly longer planning times. Because the query planner does not enforce a timeout, a small number of such queries can exhaust router's thread pool, rendering it inoperable. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1. |
| Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the scheduler. In the Kubernetes security model, node isolation is a security boundary, and as such an attacker is able to cross that boundary in Volcano's case if they have compromised either the vulnerable services or the pod/node in which they are deployed. The scheduler will become unavailable to other users and workloads in the cluster. The scheduler will either crash with an unrecoverable OOM panic or freeze while consuming excessive amounts of memory. This issue has been patched in versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2. |
| Having a large number of address headers (From, To, Cc, Bcc, etc.) becomes excessively CPU intensive. With 100k header lines CPU usage is already 12 seconds, and in a production environment we observed 500k header lines taking 18 minutes to parse. Since this can be triggered by external actors sending emails to a victim, this is a security issue. An external attacker can send specially crafted messages that consume target system resources and cause outage. One can implement restrictions on address headers on MTA component preceding Dovecot. No publicly available exploits are known. |
| Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "full_value" buffer out of the smaller chunks. The full_value buffer has no size limit, so large headers can cause large memory usage. It doesn't matter whether it's a single long header line, or a single header split into multiple lines. This bug exists in all Dovecot versions. Incoming mails typically have some size limits set by MTA, so even largest possible header size may still fit into Dovecot's vsz_limit. So attackers probably can't DoS a victim user this way. A user could APPEND larger mails though, allowing them to DoS themselves (although maybe cause some memory issues for the backend in general). One can implement restrictions on headers on MTA component preceding Dovecot. No publicly available exploits are known. |
| tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations. |
| An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage exhaustion for targeted users, reputation damage to the SMTP server, potentially causing it to be blacklisted, and overload of the SMTP server's outbound mail queue. |
| Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) that partially bypass security options `security.mac_filtering`, `security.ipv4_filtering` and `security.ipv6_filtering`. This can lead to DHCP pool exhaustion and opens the door for other attacks. A patch is available at commit 2516fb19ad8428454cb4edfe70c0a5f0dc1da214. |
| The Yealink RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests. |
| rplay through 3.3.2 allows attackers to cause a denial of service (SIGSEGV and daemon crash) or possibly have unspecified other impact. This occurs in memcpy in the RPLAY_DATA case in rplay_unpack in librplay/rplay.c, potentially reachable via packet data with no authentication. |
| An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device. |
| Cyberfox Web Browser 52.9.1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the search bar with excessive data. Attackers can generate a 9,000,000 byte payload and paste it into the search bar to trigger an application crash. |
| Laravel Nova 3.7.0 contains a denial of service vulnerability that allows authenticated users to crash the application by manipulating the 'range' parameter. Attackers can send simultaneous requests with an extremely high range value to overwhelm and crash the server. |
| Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing that allows attackers to crash the service. Attackers can send an oversized FEAT command with 11,008 bytes of repeated characters to trigger a buffer overflow and terminate the FTP service. |
| AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 contain a vulnerability that allows an unauthenticated attacker within Bluetooth Low Energy (BLE) range to cause a denial of service by repeatedly initiating BLE connections. Sustained connection attempts interrupt keypad authentication input and repeatedly force the device into lockout states, preventing legitimate users from unlocking the device. |
| An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource consumption. |
| A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), RTUM85 RTU Base (All versions < V26.10). The affected application contains denial-of-service (DoS) vulnerability. The remote operation mode is susceptible to a resource exhaustion condition when subjected to a high volume of requests. Sending multiple requests can exhaust resources, preventing parameterization and requiring a reset or reboot to restore functionality. |
| Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. |
| Denial-of-service in the Libraries component in NSS. This vulnerability was fixed in Firefox 149 and Thunderbird 149. |
