Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-19 | CVE-2024-25978 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. | 7.5 |
| 2024-02-14 | CVE-2024-21771 | Allocation of Resources Without Limits or Throttling vulnerability in F5 Big-Ip Advanced Firewall Manager For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | 7.5 |
| 2024-02-14 | CVE-2024-23979 | Allocation of Resources Without Limits or Throttling vulnerability in F5 products When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. | 7.5 |
| 2024-02-14 | CVE-2023-50387 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. | 7.5 |
| 2024-02-11 | CVE-2024-21875 | Allocation of Resources Without Limits or Throttling vulnerability in Badge.Team Hacker Hotel Badge 2024 Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3. | 6.5 |
| 2024-02-11 | CVE-2023-52427 | Allocation of Resources Without Limits or Throttling vulnerability in Objectcomputing Opendds 3.23.1 In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. | 7.5 |
| 2024-02-07 | CVE-2024-1066 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay` | 6.5 |
| 2024-02-07 | CVE-2024-25143 | Allocation of Resources Without Limits or Throttling vulnerability in Liferay Portal The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted PNG images. | 6.5 |
| 2024-02-02 | CVE-2023-45028 | Allocation of Resources Without Limits or Throttling vulnerability in Qnap Qts, Quts Hero and Qutscloud An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. | 4.9 |
| 2024-01-29 | CVE-2024-23826 | Allocation of Resources Without Limits or Throttling vulnerability in Se.Math.Spbu Spbu SE Site spbu_se_site is the website of the Department of System Programming of St. | 5.7 |