Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-29 | CVE-2022-29503 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. | 9.8 |
| 2022-09-21 | CVE-2022-35089 | Allocation of Resources Without Limits or Throttling vulnerability in Swftools SWFTools commit 772e55a2 was discovered to contain a heap-buffer-overflow via getTransparentColor at /home/bupt/Desktop/swftools/src/gif2swf. | 5.5 |
| 2022-09-20 | CVE-2022-34917 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Kafka 2.8.0/2.8.1/3.0.0 A security vulnerability has been identified in Apache Kafka. | 7.5 |
| 2022-09-16 | CVE-2022-40762 | Allocation of Resources Without Limits or Throttling vulnerability in Samsung Mtower 0.1.0/0.2.0/0.3.0 A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. | 7.5 |
| 2022-09-14 | CVE-2022-3212 | Allocation of Resources Without Limits or Throttling vulnerability in Axum-Core Project Axum-Core <bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. | 7.5 |
| 2022-09-09 | CVE-2022-3147 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service. | 6.5 |
| 2022-09-08 | CVE-2022-25897 | Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Milo The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. | 7.5 |
| 2022-09-07 | CVE-2022-36049 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases. | 7.5 |
| 2022-09-01 | CVE-2020-35534 | Allocation of Resources Without Limits or Throttling vulnerability in Libraw In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files. | 5.5 |
| 2022-09-01 | CVE-2022-36055 | Allocation of Resources Without Limits or Throttling vulnerability in Helm Helm is a tool for managing Charts. | 6.5 |