Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-37629 Allocation of Resources Without Limits or Throttling vulnerability in Nextcloud Richdocuments
Nextcloud Richdocuments is an open source collaborative office suite.
network
low complexity
nextcloud CWE-770
5.0
2021-08-31 CVE-2021-22029 Allocation of Resources Without Limits or Throttling vulnerability in VMWare Workspace ONE UEM Console
VMware Workspace ONE UEM REST API contains a denial of service vulnerability.
network
low complexity
vmware CWE-770
5.0
2021-08-27 CVE-2021-28700 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen.
network
low complexity
xen fedoraproject CWE-770
6.8
2021-08-25 CVE-2021-1592 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Unified Computing System
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-770
4.0
2021-08-25 CVE-2018-10790 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1.0
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
network
low complexity
axiosys CWE-770
5.0
2021-08-20 CVE-2021-22246 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6.
network
low complexity
gitlab CWE-770
4.0
2021-08-19 CVE-2020-18899 Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.27
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
network
exiv2 CWE-770
4.3
2021-08-16 CVE-2021-21860 Allocation of Resources Without Limits or Throttling vulnerability in Gpac 1.0.1
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac CWE-770
6.8
2021-08-16 CVE-2021-21861 Allocation of Resources Without Limits or Throttling vulnerability in Gpac 1.0.1
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1.
network
gpac CWE-770
6.8
2021-08-13 CVE-2021-32068 Allocation of Resources Without Limits or Throttling vulnerability in Mitel Micollab
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls.
network
mitel CWE-770
4.3