Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-30 | CVE-2023-33656 | Allocation of Resources Without Limits or Throttling vulnerability in Emqx Nanomq 0.17.2 A memory leak vulnerability exists in NanoMQ 0.17.2. | 5.5 |
| 2023-05-30 | CVE-2023-2650 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. | 6.5 |
| 2023-05-12 | CVE-2023-2666 | Allocation of Resources Without Limits or Throttling vulnerability in Froxlor Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16. | 7.5 |
| 2023-05-10 | CVE-2023-25568 | Allocation of Resources Without Limits or Throttling vulnerability in Protocol Boxo 0.4.0/0.5.0 Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. | 7.5 |
| 2023-05-09 | CVE-2023-31472 | Allocation of Resources Without Limits or Throttling vulnerability in Gl-Inet products An issue was discovered on GL.iNet devices before 3.216. | 7.5 |
| 2023-05-08 | CVE-2023-30551 | Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Rekor Rekor is an open source software supply chain transparency log. | 7.5 |
| 2023-04-28 | CVE-2023-27556 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Safer Payments IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. | 7.5 |
| 2023-04-21 | CVE-2023-29575 | Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0639 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component. | 5.5 |
| 2023-04-17 | CVE-2023-28968 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Appid Service Sigpack, Jdpi-Decoder Engine and Junos An Improperly Controlled Sequential Memory Allocation vulnerability in the Juniper Networks Deep Packet Inspection-Decoder (JDPI-Decoder) Application Signature component of Junos OS's AppID service on SRX Series devices will stop the JDPI-Decoder from identifying dynamic application traffic, allowing an unauthenticated network-based attacker to send traffic to the target device using the JDPI-Decoder, designed to inspect dynamic application traffic and take action upon this traffic, to instead begin to not take action and to pass the traffic through. | 5.3 |
| 2023-04-13 | CVE-2023-29573 | Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.6.0639 Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp4info component. | 5.5 |