Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-21 | CVE-2023-42457 | Allocation of Resources Without Limits or Throttling vulnerability in Plone Rest 2.0.0/3.0.0: plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc. | 7.5 |
2023-09-21 | CVE-2023-43632 | Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Edge Virtualization Engine: As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. | 9.9 |
2023-09-20 | CVE-2023-37279 | Allocation of Resources Without Limits or Throttling vulnerability in Contribsys Faktory: Faktory is a language-agnostic persistent background job server. | 7.5 |
2023-09-20 | CVE-2022-47562 | Allocation of Resources Without Limits or Throttling vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware: Vulnerability in the RCPbind service running on UDP port (111), allowing a remote attacker to create a denial of service (DoS) condition. | 7.5 |
2023-09-15 | CVE-2023-41042 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse: Discourse is an open-source discussion platform. | 6.5 |
2023-09-15 | CVE-2023-38039 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. | 7.5 |
2023-09-11 | CVE-2023-4578 | Allocation of Resources Without Limits or Throttling vulnerability in Mozilla Thunderbird: When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. | 6.5 |
2023-09-08 | CVE-2023-39322 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO 1.21.0/1.21.00: QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. | 7.5 |
2023-09-01 | CVE-2023-4647 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab: An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances. | 7.5 |
2023-08-22 | CVE-2022-48064 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products: GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. | 5.5 |