Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) al…

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to gen…

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC throug…

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers…

Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerabil…

When curl retrieves an HTTP response, it stores the incoming headers so that they can be access…

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit passwo…

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issu…

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed…

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong p…

WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a lo…

Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Po…

httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via …

IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large vo…

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. Th…

When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of…

A flaw in Node.js HTTP request handling causes an uncaught `TypeError` when a request is receiv…

When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of …

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files create…

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of…

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java S…

Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause a denial of service (disk…

A malicious client can send many DNS messages over TCP, potentially causing the server to becom…

A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Str…

Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaus…

Jetty is a java based web server and servlet engine. In affected versions servlets with multipa…

This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and be…

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applicati…

In version from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buf…

DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone control…

The pairing API request handler in Microsoft HoloLens 1 (Windows Holographic) through 10.0.1776…

A flaw was found in Undertow where malformed client requests can trigger server-side stream res…

api/account/register in the TH Wildau COVID-19 Contact Tracing application through 2021-09-01 h…

Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, co…

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applicati…

Spring WebFlux applications that have Spring Security authorization rules on static resources c…

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to…

ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps l…

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPad…

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When qu…