Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2023-02-17 CVE-2023-24785 Allocation of Resources Without Limits or Throttling vulnerability in Peazip Project Peazip 9.0.0
An issue in Giorgio Tani peazip v.9.0.0 allows attackers to cause a denial of service via the End of Archive tag function of the peazip/pea UNPEA feature.
local
low complexity
peazip-project CWE-770
5.5
2023-02-16 CVE-2023-25153 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Containerd
containerd is an open source container runtime.
local
low complexity
linuxfoundation CWE-770
5.5
2023-02-16 CVE-2023-0568 Allocation of Resources Without Limits or Throttling vulnerability in PHP
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small.
network
high complexity
php CWE-770
8.1
2023-02-15 CVE-2023-25171 Allocation of Resources Without Limits or Throttling vulnerability in Kiwitcms Kiwi Tcms
Kiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0.
network
high complexity
kiwitcms CWE-770
5.9
2023-02-15 CVE-2023-25578 Allocation of Resources Without Limits or Throttling vulnerability in Starliteproject Starlite
Starlite is an Asynchronous Server Gateway Interface (ASGI) framework.
network
low complexity
starliteproject CWE-770
7.5
2023-02-14 CVE-2023-25576 Allocation of Resources Without Limits or Throttling vulnerability in Fastify Fastify-Multipart
@fastify/multipart is a Fastify plugin to parse the multipart content-type.
network
low complexity
fastify CWE-770
7.5
2023-02-04 CVE-2023-25193 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
network
low complexity
harfbuzz-project fedoraproject CWE-770
7.5
2023-02-01 CVE-2023-23969 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing.
network
low complexity
djangoproject debian CWE-770
7.5
2023-02-01 CVE-2023-22323 Allocation of Resources Without Limits or Throttling vulnerability in F5 products
In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization.
network
low complexity
f5 CWE-770
7.5
2023-02-01 CVE-2023-23846 Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs
Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop.
network
low complexity
open5gs CWE-770
7.5