Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2022-24381 Allocation of Resources Without Limits or Throttling vulnerability in Asneg OPC UA Stack
All versions of package asneg/opcuastack are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.
network
low complexity
asneg CWE-770
7.5
2022-08-23 CVE-2022-25231 Allocation of Resources Without Limits or Throttling vulnerability in Node-Opcua Project Node-Opcua
The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) by sending a specifically crafted OPC UA message with a special OPC UA NodeID, when the requested memory allocation exceeds the v8’s memory limit.
network
low complexity
node-opcua-project CWE-770
7.5
2022-08-23 CVE-2022-25304 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
All versions of package opcua; all versions of package asyncua are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.
network
low complexity
asyncua-project opcua-project CWE-770
7.5
2022-08-23 CVE-2022-25761 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The package open62541/open62541 before 1.2.5, from 1.3-rc1 and before 1.3.1 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.
network
low complexity
open62541 fedoraproject CWE-770
7.5
2022-08-23 CVE-2022-25888 Allocation of Resources Without Limits or Throttling vulnerability in Opcua Project Opcua
The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) due to a missing limitation on the number of received chunks - per single session or in total for all concurrent sessions.
network
low complexity
opcua-project CWE-770
7.5
2022-08-16 CVE-2020-14322 Allocation of Resources Without Limits or Throttling vulnerability in Moodle
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it can load to help mitigate the risk of denial of service.
network
low complexity
moodle CWE-770
7.5
2022-08-16 CVE-2022-35009 Allocation of Resources Without Limits or Throttling vulnerability in Pngdec Project Pngdec 1.0.0/1.0.1
PNGDec commit 8abf6be was discovered to contain a memory allocation problem via asan_malloc_linux.cpp.
network
low complexity
pngdec-project CWE-770
6.5
2022-08-16 CVE-2022-35107 Allocation of Resources Without Limits or Throttling vulnerability in Swftools
SWFTools commit 772e55a2 was discovered to contain a stack overflow via vfprintf at /stdio-common/vfprintf.c.
local
low complexity
swftools CWE-770
5.5
2022-08-16 CVE-2022-35111 Allocation of Resources Without Limits or Throttling vulnerability in Swftools
SWFTools commit 772e55a2 was discovered to contain a stack overflow via __sanitizer::StackDepotNode::hash(__sanitizer::StackTrace const&) at /sanitizer_common/sanitizer_stackdepot.cpp.
local
low complexity
swftools CWE-770
5.5
2022-08-16 CVE-2022-36146 Allocation of Resources Without Limits or Throttling vulnerability in Swfmill
SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[](unsigned long) at asan_new_delete.cpp.
local
low complexity
swfmill CWE-770
5.5