Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-16 | CVE-2022-25169 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. | 5.5 |
| 2022-05-16 | CVE-2022-30775 | Allocation of Resources Without Limits or Throttling vulnerability in Xpdfreader Xpdf 4.04 xpdf 4.04 allocates excessive memory when presented with crafted input. | 5.5 |
| 2022-05-12 | CVE-2022-22970 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. | 5.3 |
| 2022-05-12 | CVE-2022-22971 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. | 6.5 |
| 2022-05-11 | CVE-2022-1428 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. | 4.3 |
| 2022-05-10 | CVE-2021-39670 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android 12.0/12.1 In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. | 5.5 |
| 2022-05-03 | CVE-2022-20751 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. | 7.5 |
| 2022-05-03 | CVE-2022-20757 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the connection handling function in Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2022-05-03 | CVE-2022-20767 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2022-05-02 | CVE-2022-29973 | Allocation of Resources Without Limits or Throttling vulnerability in Exfat Project Exfat 1.3.0 relan exFAT 1.3.0 allows local users to obtain sensitive information (data from deleted files in the filesystem) in certain situations involving offsets beyond ValidDataLength. | 4.7 |