Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-4045 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data. | 6.5 |
| 2022-11-23 | CVE-2022-4019 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints. | 6.5 |
| 2022-11-23 | CVE-2022-4044 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages. | 6.5 |
| 2022-11-18 | CVE-2022-45471 | Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains HUB In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address | 7.5 |
| 2022-11-15 | CVE-2022-3480 | Allocation of Resources Without Limits or Throttling vulnerability in Phoenixcontact products A remote, unauthenticated attacker could cause a denial-of-service of PHOENIX CONTACT FL MGUARD and TC MGUARD devices below version 8.9.0 by sending a larger number of unauthenticated HTTPS connections originating from different source IP’s. | 7.5 |
| 2022-11-14 | CVE-2022-43686 | Allocation of Resources Without Limits or Throttling vulnerability in Concretecms Concrete CMS In Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2, the authTypeConcreteCookieMap table can be filled up causing a denial of service (high load). | 6.5 |
| 2022-11-09 | CVE-2021-34568 | Allocation of Resources Without Limits or Throttling vulnerability in Wago products In WAGO I/O-Check Service in multiple products an unauthenticated remote attacker can send a specially crafted packet containing OS commands to provoke a denial of service. | 7.5 |
| 2022-11-04 | CVE-2022-43945 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. | 7.5 |
| 2022-11-01 | CVE-2022-42311 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. | 6.5 |
| 2022-11-01 | CVE-2022-42312 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. | 6.5 |