Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2022-09-08 CVE-2022-25897 Allocation of Resources Without Limits or Throttling vulnerability in Eclipse Milo
The package org.eclipse.milo:sdk-server before 0.6.8 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.
network
low complexity
eclipse CWE-770
7.5
2022-09-07 CVE-2022-36049 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Flux2 is a tool for keeping Kubernetes clusters in sync with sources of configuration, and Flux's helm-controller is a Kubernetes operator that allows one to declaratively manage Helm chart releases.
network
low complexity
helm fluxcd CWE-770
7.5
2022-09-01 CVE-2020-35534 Allocation of Resources Without Limits or Throttling vulnerability in Libraw
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
local
low complexity
libraw CWE-770
5.5
2022-09-01 CVE-2022-36055 Allocation of Resources Without Limits or Throttling vulnerability in Helm
Helm is a tool for managing Charts.
network
low complexity
helm CWE-770
6.5
2022-08-31 CVE-2022-38153 Allocation of Resources Without Limits or Throttling vulnerability in Wolfssl 5.3.0
An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable.
network
high complexity
wolfssl CWE-770
5.9
2022-08-31 CVE-2022-1325 Allocation of Resources Without Limits or Throttling vulnerability in Cimg
A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer.
local
low complexity
cimg CWE-770
5.5
2022-08-26 CVE-2022-0084 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
A flaw was found in XNIO, specifically in the notifyReadClosed method.
network
low complexity
redhat CWE-770
7.5
2022-08-26 CVE-2021-3669 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux ibm debian fedoraproject redhat CWE-770
5.5
2022-08-23 CVE-2021-3759 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores.
local
low complexity
linux debian CWE-770
5.5
2022-08-23 CVE-2022-24298 Allocation of Resources Without Limits or Throttling vulnerability in Freeopcua Project Freeopcua
All versions of package freeopcua/freeopcua are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.
network
low complexity
freeopcua-project CWE-770
7.5