Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-27 | CVE-2022-22278 | Allocation of Resources Without Limits or Throttling vulnerability in Sonicwall products A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack | 7.5 |
| 2022-04-27 | CVE-2022-29701 | Allocation of Resources Without Limits or Throttling vulnerability in Zammad 5.1.0 A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. | 7.5 |
| 2022-04-25 | CVE-2022-28871 | Allocation of Resources Without Limits or Throttling vulnerability in F-Secure Atlant A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. | 7.5 |
| 2022-04-15 | CVE-2021-44502 | Allocation of Resources Without Limits or Throttling vulnerability in Fisglobal Gt.M An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). | 7.5 |
| 2022-04-15 | CVE-2022-20622 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Aironet Access Point Software A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. | 7.5 |
| 2022-04-15 | CVE-2022-20717 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Sd-Wan Vedge Router 20.7 A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition. | 5.5 |
| 2022-04-13 | CVE-2022-1333 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Playbooks Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service. | 6.5 |
| 2022-04-13 | CVE-2022-1337 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files. | 6.5 |
| 2022-04-07 | CVE-2022-27819 | Allocation of Resources Without Limits or Throttling vulnerability in Waycrate Swhkd 1.1.5 SWHKD 1.1.5 allows unsafe parsing via the -c option. | 5.3 |
| 2022-04-04 | CVE-2022-1121 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption. | 5.3 |