Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-27 | CVE-2022-46416 | Allocation of Resources Without Limits or Throttling vulnerability in Parrot Bebop Firmware 4.7.1 Parrot Bebop 4.7.1. | 5.9 |
| 2023-03-27 | CVE-2023-28867 | Allocation of Resources Without Limits or Throttling vulnerability in Graphql-Java In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a crafted GraphQL query that causes stack consumption. | 7.5 |
| 2023-03-23 | CVE-2023-1544 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. | 6.3 |
| 2023-03-23 | CVE-2023-20067 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XE A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2023-03-21 | CVE-2022-42333 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. | 8.6 |
| 2023-03-21 | CVE-2022-42334 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. | 6.5 |
| 2023-03-18 | CVE-2021-46877 | Allocation of Resources Without Limits or Throttling vulnerability in Fasterxml Jackson-Databind jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. | 7.5 |
| 2023-03-16 | CVE-2023-28104 | Allocation of Resources Without Limits or Throttling vulnerability in Silverstripe Graphql 4.1.1/4.2.2 `silverstripe/graphql` serves Silverstripe data as GraphQL representations. | 7.5 |
| 2023-03-15 | CVE-2023-28338 | Allocation of Resources Without Limits or Throttling vulnerability in Netgear Rax30 Firmware Any request send to a Netgear Nighthawk Wifi6 Router (RAX30)'s web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. | 7.5 |
| 2023-03-15 | CVE-2023-27596 | Allocation of Resources Without Limits or Throttling vulnerability in Opensips OpenSIPS is a Session Initiation Protocol (SIP) server implementation. | 7.5 |