Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-15 | CVE-2023-40019 | Allocation of Resources Without Limits or Throttling vulnerability in Freeswitch FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. | 6.5 |
| 2023-09-15 | CVE-2023-40588 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open-source discussion platform. | 6.5 |
| 2023-09-15 | CVE-2023-41042 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open-source discussion platform. | 6.5 |
| 2023-09-15 | CVE-2023-41043 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open-source discussion platform. | 6.5 |
| 2023-09-15 | CVE-2023-38039 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. | 7.5 |
| 2023-09-11 | CVE-2023-4578 | Allocation of Resources Without Limits or Throttling vulnerability in Mozilla Thunderbird When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. | 6.5 |
| 2023-09-08 | CVE-2023-39322 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO 1.21.0/1.21.00 QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. | 7.5 |
| 2023-09-05 | CVE-2023-34994 | Allocation of Resources Without Limits or Throttling vulnerability in Openautomationsoftware OAS Platform 18.00.0072 An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. | 4.3 |
| 2023-09-01 | CVE-2023-4647 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances. | 7.5 |
| 2023-08-22 | CVE-2022-48064 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. | 5.5 |