Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-48809 Allocation of Resources Without Limits or Throttling vulnerability in Aetherproject Onos-A1T and Sdran-In-A-Box
An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher function.
network
low complexity
aetherproject CWE-770
7.5
2024-11-04 CVE-2024-51557 Allocation of Resources Without Limits or Throttling vulnerability in 63Moons Aero and Wave 2.0
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint.
network
low complexity
63moons CWE-770
6.5
2024-10-31 CVE-2024-10599 Allocation of Resources Without Limits or Throttling vulnerability in Tongda2000 Office Anywhere 2017
A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7.
network
low complexity
tongda2000 CWE-770
7.5
2024-10-30 CVE-2024-31152 Allocation of Resources Without Limits or Throttling vulnerability in Level1 Wbr-6012 Firmware R0.40E6
The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application, where a series of crafted HTTP requests can cause a reboot.
network
low complexity
level1 CWE-770
7.5
2024-10-29 CVE-2024-7807 Allocation of Resources Without Limits or Throttling vulnerability in Gaizhenbiao Chuanhuchatgpt 20240628
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack.
network
low complexity
gaizhenbiao CWE-770
7.5
2024-10-25 CVE-2024-49767 Allocation of Resources Without Limits or Throttling vulnerability in Palletsprojects Werkzeug
Werkzeug is a Web Server Gateway Interface web application library.
network
low complexity
palletsprojects CWE-770
7.5
2024-10-23 CVE-2024-20526 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established.
network
low complexity
cisco CWE-770
5.3
2024-10-23 CVE-2024-31880 Allocation of Resources Without Limits or Throttling vulnerability in IBM DB2
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user.
network
low complexity
ibm CWE-770
6.5
2024-10-22 CVE-2024-50311 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 4.0
A denial of service (DoS) vulnerability was found in OpenShift.
network
low complexity
redhat CWE-770
6.5
2024-10-14 CVE-2024-6762 Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Jetty
Jetty PushSessionCacheFilter can be exploited by unauthenticated users to launch remote DoS attacks by exhausting the server’s memory.
network
low complexity
eclipse CWE-770
6.5