Page 4 of 50652 results (0.026 seconds)

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1

22 May 2025 — A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service.. • https://gitlab.com/gitlab-org/gitlab/-/issues/533313 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

21 May 2025 — Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable released versions): when the payload's content type is `application/json`, and there is at least one rule which does a `sanitiseMatchedBytes` action. A patch is available at pull request 3389 and expected to be part of version 2.9.9. • https://github.com/owasp-modsecurity/ModSecurity/pull/3389 • CWE-1050: Excessive Platform Resource Consumption within a Loop •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

21 May 2025 — This may cause a denial of service of the Kubernetes node. • https://github.com/containerd/containerd/security/advisories/GHSA-cxfp-7pvr-95ff • CWE-266: Incorrect Privilege Assignment •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

21 May 2025 — Allocation of Resources Without Limits or Throttling vulnerability in Drupal Events Log Track allows Excessive Allocation.This issue affects Events Log Track: from 0.0.0 before 3.1.11, from 4.0.0 before 4.0.2. • https://www.drupal.org/sa-contrib-2025-059 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0

21 May 2025 — A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-restart-ss-uf986G2Q • CWE-125: Out-of-bounds Read •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

21 May 2025 — In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. • https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

21 May 2025 — A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. • https://kb.isc.org/docs/cve-2025-40775 • CWE-232: Improper Handling of Undefined Values •

CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0

21 May 2025 — Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3. • https://clickhouse.com/docs/whats-new/security-changelog • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.3EPSS: 0%CPEs: -EXPL: 0

21 May 2025 — Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. • https://yandex.com/bugbounty/i/hall-of-fame-browser • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

21 May 2025 — This vulnerability can lead to information disclosure, denial of service, and other security issues. • https://projects.eclipse.org/projects/technology.jgit/releases/7.2.1 • CWE-611: Improper Restriction of XML External Entity Reference CWE-827: Improper Control of Document Type Definition •