CWE-770

Total CVEs: 503
Critical: 6
High: 273
Avg CVSS: 6.8

Yearly Trend

2026: 98
2025: 213
2024: 98
2023: 51
2022: 18

Top Affected Vendors

1. GitLab: 33
2. IBM: 25
3. QNAP: 14
4. Oracle: 14
5. Linux: 13
6. F5: 10
7. Cisco: 9
8. Apple: 9
9. Debian: 9
10. Samsung: 9

All CWE-770 CVEs (503)

CVE-2026-24006
7.5

Seroval versions 1.4.0 and below have a stack overflow vulnerability when serializing deeply nested objects, causing denial of service. This affects a...

Jan 22, 2026
CVE-2026-23962
7.5

Mastodon servers running vulnerable versions allow attackers to create remote posts with unlimited poll options, causing excessive resource consumptio...

Jan 22, 2026
CVE-2026-23957
7.5

CVE-2026-23957 is a denial-of-service vulnerability in seroval library versions 1.4.0 and below. Attackers can craft malicious serialized data with ma...

Jan 22, 2026
CVE-2021-47876
7.5

GeoGebra Classic 5.0.631.0-d contains a denial of service vulnerability where attackers can crash the application by pasting extremely large content (...

Jan 21, 2026
CVE-2021-47877
7.5

GeoGebra Graphing Calculator 6.0.631.0 contains a denial of service vulnerability where attackers can crash the application by inputting an oversized ...

Jan 21, 2026
CVE-2021-47865
7.5

CVE-2021-47865 is a denial of service vulnerability in ProFTPD that allows attackers to overwhelm FTP servers by creating multiple simultaneous connec...

Jan 21, 2026
CVE-2026-23490
7.5

This vulnerability in pyasn1 allows attackers to cause denial-of-service through memory exhaustion by sending malformed RELATIVE-OID data with excessi...

Jan 16, 2026
CVE-2021-47784
7.5

CVE-2021-47784 is a denial of service vulnerability in Cyberfox Web Browser where attackers can crash the application by pasting an excessively large ...

Jan 15, 2026
CVE-2021-47752
7.5

CVE-2021-47752 is a denial of service vulnerability in AWebServer GhostBuilding 18 that allows remote attackers to crash or render the server unrespon...

Jan 15, 2026
CVE-2026-0897
7.5

This vulnerability allows remote attackers to cause Denial of Service (DoS) by sending a specially crafted .keras archive with an extremely large data...

Jan 15, 2026
CVE-2025-37166
7.5

A vulnerability in HPE Networking Instant On Access Points allows attackers to send specially crafted packets that cause devices to become unresponsiv...

Jan 13, 2026
CVE-2025-50334
7.5

A vulnerability in Technitium DNS Server v13.5 allows remote attackers to trigger a denial of service condition by exploiting the rate-limiting compon...

Jan 8, 2026
CVE-2025-68151
7.5

CoreDNS servers running gRPC, HTTPS, or HTTP/3 protocols are vulnerable to denial-of-service attacks due to missing resource limits. Unauthenticated a...

Jan 8, 2026
CVE-2025-69228
7.5

This vulnerability in AIOHTTP allows attackers to craft malicious requests that cause uncontrolled memory consumption in servers using Request.post() ...

Jan 6, 2026
CVE-2022-50799
7.5

CVE-2022-50799 is a denial of service vulnerability in Fetch FTP Client 5.8.2 where attackers can send specially crafted FTP server responses exceedin...

Dec 30, 2025
CVE-2022-50695
7.5

This vulnerability allows unauthenticated attackers to abuse network diagnostic scripts (ping.php, traceroute.php, dns.php) in SOUND4 products to laun...

Dec 30, 2025
CVE-2021-47713
7.5

CVE-2021-47713 is a denial of service vulnerability in Hasura GraphQL Engine where attackers can craft malicious GraphQL queries with excessive nested...

Dec 22, 2025
CVE-2025-68156
7.5

This vulnerability in Expr for Go allows denial-of-service attacks through stack overflow panics. Attackers can crash applications by providing deeply...

Dec 16, 2025
CVE-2025-12562
7.5

This vulnerability allows unauthenticated attackers to send specially crafted GraphQL queries that bypass complexity limits, causing denial of service...

Dec 11, 2025
CVE-2025-66473
7.5

XWiki REST API lacks request size limits, allowing attackers to request all wiki pages in a single call. This can cause excessive memory consumption l...

Dec 10, 2025
CVE-2025-66418
7.5

This vulnerability in urllib3 allows a malicious HTTP server to send specially crafted compressed responses that cause excessive CPU usage and memory ...

Dec 5, 2025
CVE-2025-64334
7.5

This vulnerability in Suricata allows an attacker to cause unbounded memory growth by sending specially crafted compressed HTTP data, potentially lead...

Nov 26, 2025
CVE-2025-12571
7.5

This vulnerability allows unauthenticated attackers to cause Denial of Service (DoS) in GitLab by sending specially crafted JSON payloads. It affects ...

Nov 26, 2025
CVE-2025-65015
7.5

This vulnerability in the joserfc Python library allows attackers to cause denial-of-service through memory exhaustion by sending extremely large JWT ...

Nov 18, 2025
CVE-2025-13165
7.5

EasyFlow GP developed by Digiwin has an unauthenticated remote denial-of-service vulnerability. Attackers can send specific requests to crash the web ...

Nov 17, 2025
CVE-2025-64508
7.5

Bugsink versions before 2.0.5 are vulnerable to denial-of-service attacks via brotli compression bombs. Attackers can send specially crafted highly co...

Nov 10, 2025
CVE-2025-64509
7.5

This vulnerability allows attackers to cause denial of service in Bugsink error tracking systems by sending specially crafted Brotli-compressed envelo...

Nov 10, 2025
CVE-2025-11447
7.5

This vulnerability allows unauthenticated attackers to cause denial of service in GitLab instances by sending specially crafted GraphQL requests with ...

Oct 27, 2025
CVE-2025-12044
7.5

Vault and Vault Enterprise are vulnerable to unauthenticated denial of service attacks when processing JSON payloads due to a regression in rate limit...

Oct 23, 2025
CVE-2025-56223
7.5

CVE-2025-56223 is a denial-of-service vulnerability in SigningHub v8.6.8 where attackers can upload excessive files to the /Home/UploadStreamDocument ...

Oct 20, 2025
CVE-2025-59778
7.5

This vulnerability in F5OS-C partition control plane allows undisclosed traffic to cause multiple container terminations when the Allowed IP Addresses...

Oct 15, 2025
CVE-2025-53521
7.5

This vulnerability in BIG-IP APM allows undisclosed traffic to cause TMM (Traffic Management Microkernel) to terminate when an Access Policy is config...

Oct 15, 2025
CVE-2025-41430
7.5

This vulnerability in BIG-IP SSL Orchestrator allows undisclosed traffic to cause the Traffic Management Microkernel (TMM) to terminate, resulting in ...

Oct 15, 2025
CVE-2025-10004
7.5

This vulnerability allows attackers to send specially crafted GraphQL queries that request large repository blobs, causing GitLab instances to become ...

Oct 9, 2025
CVE-2025-11362
7.5

This vulnerability in pdfmake allows attackers to cause denial of service by embedding malicious URLs that trigger repeated redirects, consuming exces...

Oct 7, 2025
CVE-2025-8014
7.5

This CVE describes a GraphQL query complexity bypass vulnerability in GitLab EE/CE that allows unauthenticated attackers to send specially crafted que...

Sep 27, 2025
CVE-2025-10858
7.5

This vulnerability allows unauthenticated attackers to cause a Denial of Service (DoS) condition in GitLab by uploading specially crafted large JSON f...

Sep 26, 2025
CVE-2025-58446
7.5

A denial-of-service vulnerability in xgrammar library versions 0.1.23 allows attackers to cause resource exhaustion by processing large grammars (>100...

Sep 6, 2025
CVE-2025-9784
7.5

This vulnerability in Undertow allows malicious clients to send malformed requests that trigger server-side stream resets without incrementing abuse c...

Sep 2, 2025
CVE-2025-6203
7.5

CVE-2025-6203 is a denial-of-service vulnerability in HashiCorp Vault where specially crafted JSON payloads can cause excessive memory and CPU consump...

Aug 28, 2025
CVE-2025-2813
7.5

This vulnerability allows unauthenticated remote attackers to cause Denial of Service by flooding an HTTP service on port 80 with excessive requests. ...

Jul 31, 2025
CVE-2025-53629
7.5

This vulnerability in cpp-httplib allows attackers to send specially crafted HTTP requests with Transfer-Encoding: chunked headers that cause uncontro...

Jul 10, 2025
CVE-2025-53634
7.5

CVE-2025-53634 is a denial-of-service vulnerability in Chall-Manager's HTTP Gateway that allows unauthenticated attackers to perform slow loris attack...

Jul 10, 2025
CVE-2025-53530
7.5

WeGIA web manager for charitable institutions has a vulnerability where excessively long HTTP GET requests to a specific URL can cause high resource c...

Jul 7, 2025
CVE-2025-48367
7.5

This CVE describes a denial-of-service vulnerability in Redis where unauthenticated connections can cause repeated IP protocol errors, leading to clie...

Jul 7, 2025
CVE-2025-2403
7.5

A denial-of-service vulnerability in Hitachi Energy Relion 670/650 and SAM600-IO series devices allows attackers to disrupt network traffic prioritiza...

Jun 24, 2025
CVE-2025-3221
7.5

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a resource exhaustion vulnerability due to insufficient validation of inc...

Jun 21, 2025
CVE-2025-4821
7.5

CVE-2025-4821 is a vulnerability in Cloudflare's quiche QUIC library that allows unauthenticated remote attackers to manipulate congestion control, po...

Jun 18, 2025
CVE-2025-48988
7.5

This CVE describes an allocation of resources without limits or throttling vulnerability in Apache Tomcat. Attackers can exploit this to cause denial ...

Jun 16, 2025
CVE-2025-25032
7.5

This vulnerability in IBM Cognos Analytics allows authenticated users to send specially crafted requests that exhaust memory resources, causing denial...

Jun 11, 2025

About CWE-770

Our database tracks 503 CVEs classified as CWE-770, with 6 rated critical and 273 rated high severity. The average CVSS score for CWE-770 vulnerabilities is 6.8.
