Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-06 | CVE-2023-52606 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. | 5.5 |
| 2024-02-29 | CVE-2024-1953 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request. | 4.3 |
| 2024-02-29 | CVE-2024-20321 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Nx-Os A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. | 8.6 |
| 2024-02-29 | CVE-2023-50658 | Allocation of Resources Without Limits or Throttling vulnerability in Dvsekhvalnov Jose2Go The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. | 7.5 |
| 2024-02-26 | CVE-2024-22201 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 7.5 |
| 2024-02-26 | CVE-2024-23835 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-02-26 | CVE-2024-23836 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-02-26 | CVE-2024-23837 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products LibHTP is a security-aware parser for the HTTP protocol. | 7.5 |
| 2024-02-23 | CVE-2023-51393 | Allocation of Resources Without Limits or Throttling vulnerability in Silabs Emberznet Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network. | 7.5 |
| 2024-02-20 | CVE-2024-26265 | Allocation of Resources Without Limits or Throttling vulnerability in Liferay Portal The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, which allows remote authenticated users to upload arbitrarily large files to the system's temp folder by modifying the `maxFileSize` parameter. | 6.5 |