Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-26 | CVE-2024-23837 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products LibHTP is a security-aware parser for the HTTP protocol. | 7.5 |
| 2024-02-23 | CVE-2023-51393 | Allocation of Resources Without Limits or Throttling vulnerability in Silabs Emberznet Due to an allocation of resources without limits, an uncontrolled resource consumption vulnerability exists in Silicon Labs Ember ZNet SDK prior to v7.4.0.0 (delivered as part of Silicon Labs Gecko SDK v4.4.0) which may enable attackers to trigger a bus fault and crash of the device, requiring a reboot in order to rejoin the network. | 7.5 |
| 2024-02-20 | CVE-2024-26265 | Allocation of Resources Without Limits or Throttling vulnerability in Liferay Portal The Image Uploader module in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions relies on a request parameter to limit the size of files that can be uploaded, which allows remote authenticated users to upload arbitrarily large files to the system's temp folder by modifying the `maxFileSize` parameter. | 6.5 |
| 2024-02-19 | CVE-2024-25978 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. | 7.5 |
| 2024-02-14 | CVE-2024-21771 | Allocation of Resources Without Limits or Throttling vulnerability in F5 Big-Ip Advanced Firewall Manager For unspecified traffic patterns, BIG-IP AFM IPS engine may spend an excessive amount of time matching the traffic against signatures, resulting in Traffic Management Microkernel (TMM) restarting and traffic disruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | 7.5 |
| 2024-02-14 | CVE-2024-23979 | Allocation of Resources Without Limits or Throttling vulnerability in F5 products When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point (CRLDP) authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. | 7.5 |
| 2024-02-14 | CVE-2023-50387 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. | 7.5 |
| 2024-02-11 | CVE-2024-21875 | Allocation of Resources Without Limits or Throttling vulnerability in Badge.Team Hacker Hotel Badge 2024 Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3. | 6.5 |
| 2024-02-11 | CVE-2023-52427 | Allocation of Resources Without Limits or Throttling vulnerability in Objectcomputing Opendds 3.23.1 In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. | 7.5 |
| 2024-02-07 | CVE-2024-1066 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay` | 6.5 |