Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-02 | CVE-2023-29408 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The TIFF decoder does not place a limit on the size of compressed tile data. | 6.5 |
| 2023-08-02 | CVE-2022-46485 | Allocation of Resources Without Limits or Throttling vulnerability in Ngsurvey 2.4.28 Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details". | 7.5 |
| 2023-07-28 | CVE-2023-38498 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open source discussion platform. | 6.5 |
| 2023-07-27 | CVE-2023-38492 | Allocation of Resources Without Limits or Throttling vulnerability in Getkirby Kirby Kirby is a content management system. | 7.5 |
| 2023-07-13 | CVE-2023-29449 | Allocation of Resources Without Limits or Throttling vulnerability in Zabbix JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. | 4.9 |
| 2023-07-11 | CVE-2023-36521 | Allocation of Resources Without Limits or Throttling vulnerability in Siemens products A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3.4), SIMATIC MV540 S (All versions < V3.3.4), SIMATIC MV550 H (All versions < V3.3.4), SIMATIC MV550 S (All versions < V3.3.4), SIMATIC MV560 U (All versions < V3.3.4), SIMATIC MV560 X (All versions < V3.3.4). | 7.5 |
| 2023-07-10 | CVE-2023-27540 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Cloud PAK for Data and Watson Cp4D Data Stores IBM Watson CP4D Data Stores 4.6.0 does not properly allocate resources without limits or throttling which could allow a remote attacker with information specific to the system to cause a denial of service. | 7.5 |
| 2023-06-28 | CVE-2023-20108 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Unified Communications Manager IM and Presence Service 12.5(1)/14Su A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. | 7.5 |
| 2023-06-15 | CVE-2023-34455 | Allocation of Resources Without Limits or Throttling vulnerability in Xerial Snappy-Java snappy-java is a fast compressor/decompressor for Java. | 7.5 |
| 2023-06-14 | CVE-2023-35116 | Allocation of Resources Without Limits or Throttling vulnerability in Fasterxml Jackson-Databind jackson-databind through 2.15.2 allows attackers to cause a denial of service or other unspecified impact via a crafted object that uses cyclic dependencies. | 4.7 |