Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-04 | CVE-2023-25193 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. | 7.5 |
| 2023-02-01 | CVE-2023-23969 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. | 7.5 |
| 2023-02-01 | CVE-2023-22323 | Allocation of Resources Without Limits or Throttling vulnerability in F5 products In BIP-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when OCSP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. | 7.5 |
| 2023-02-01 | CVE-2023-23846 | Allocation of Resources Without Limits or Throttling vulnerability in Open5Gs Due to insufficient length validation in the Open5GS GTP library versions prior to versions 2.4.13 and 2.5.7, when parsing extension headers in GPRS tunneling protocol (GPTv1-U) messages, a protocol payload with any extension header length set to zero causes an infinite loop. | 7.5 |
| 2023-01-26 | CVE-2022-20456 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2023-01-26 | CVE-2022-20489 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2023-01-26 | CVE-2022-20490 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2023-01-26 | CVE-2022-20492 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2023-01-26 | CVE-2022-20494 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. | 5.5 |
| 2023-01-20 | CVE-2023-20047 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco products A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco Webex Room Phone and Cisco Webex Share devices could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient resource allocation. | 6.5 |