Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-15 | CVE-2024-28053 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server Resource Exhaustion in Mattermost Server versions 8.1.x before 8.1.10 fails to limit the size of the payload that can be read and parsed allowing an attacker to send a very large email payload and crash the server. | 6.5 |
| 2024-03-13 | CVE-2020-11862 | Allocation of Resources Without Limits or Throttling vulnerability in Opentext Netiq Privileged Account Manager Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account Manager: before 3.7.0.2. | 7.5 |
| 2024-03-11 | CVE-2024-26618 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit sme_alloc() early with existing storage When sme_alloc() is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. | 5.5 |
| 2024-03-06 | CVE-2023-52606 | Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. | 5.5 |
| 2024-02-29 | CVE-2024-1953 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request. | 4.3 |
| 2024-02-29 | CVE-2024-20321 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Nx-Os A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. | 8.6 |
| 2024-02-29 | CVE-2023-50658 | Allocation of Resources Without Limits or Throttling vulnerability in Dvsekhvalnov Jose2Go The jose2go component before 1.6.0 for Go allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. | 7.5 |
| 2024-02-26 | CVE-2024-22201 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jetty is a Java based web server and servlet engine. | 7.5 |
| 2024-02-26 | CVE-2024-23835 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
| 2024-02-26 | CVE-2024-23836 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |