Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-10 | CVE-2025-21690 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Ratelimit warning logs to prevent VM denial of service If there's a persistent error in the hypervisor, the SCSI warning for failed I/O can flood the kernel log and max out CPU utilization, preventing troubleshooting from the VM side. | 5.5 |
| 2025-01-21 | CVE-2024-43709 | Allocation of Resources Without Limits or Throttling vulnerability in Elastic Elasticsearch An allocation of resources without limits or throttling in Elasticsearch can lead to an OutOfMemoryError exception resulting in a crash via a specially crafted query using an SQL function. | 7.5 |
| 2025-01-19 | CVE-2024-41742 | IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. | 7.5 |
| 2025-01-19 | CVE-2024-41743 | IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources. | 7.5 |
| 2025-01-18 | CVE-2024-45662 | IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources. | 7.5 |
| 2025-01-16 | CVE-2018-25108 | An unauthenticated remote attacker can cause a DoS in the controller due to uncontrolled resource consumption. | 7.5 |
| 2025-01-14 | CVE-2024-46668 | Allocation of Resources Without Limits or Throttling vulnerability in Fortinet Fortios An allocation of resources without limits or throttling vulnerability [CWE-770] in FortiOS versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, versions 7.0.0 through 7.0.15, and versions 6.4.0 through 6.4.15 may allow an unauthenticated remote user to consume all system memory via multiple large file uploads. | 7.5 |
| 2025-01-07 | CVE-2024-45100 | IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources. | 4.9 |
| 2025-01-06 | CVE-2024-43064 | Allocation of Resources Without Limits or Throttling vulnerability in Qualcomm products Uncontrolled resource consumption when a driver, an application or a SMMU client tries to access the global registers through SMMU. | 4.7 |
| 2025-01-02 | CVE-2022-49035 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. | 5.5 |