Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2022-04-25 CVE-2022-28871 Allocation of Resources Without Limits or Throttling vulnerability in F-Secure Atlant
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine.
network
low complexity
f-secure CWE-770
7.5
2022-04-15 CVE-2021-44502 Allocation of Resources Without Limits or Throttling vulnerability in Fisglobal Gt.M
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base).
network
low complexity
fisglobal CWE-770
7.5
2022-04-15 CVE-2022-20622 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Aironet Access Point Software
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition.
network
low complexity
cisco CWE-770
7.5
2022-04-15 CVE-2022-20717 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Sd-Wan Vedge Router 20.7
A vulnerability in the NETCONF process of Cisco SD-WAN vEdge Routers could allow an authenticated, local attacker to cause an affected device to run out of memory, resulting in a denial of service (DoS) condition.
local
low complexity
cisco CWE-770
5.5
2022-04-13 CVE-2022-1333 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Playbooks
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.
network
low complexity
mattermost CWE-770
6.5
2022-04-13 CVE-2022-1337 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files.
network
low complexity
mattermost CWE-770
6.5
2022-04-07 CVE-2022-27819 Allocation of Resources Without Limits or Throttling vulnerability in Waycrate Swhkd 1.1.5
SWHKD 1.1.5 allows unsafe parsing via the -c option.
local
high complexity
waycrate CWE-770
5.3
2022-04-04 CVE-2022-1121 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption.
network
low complexity
gitlab CWE-770
5.3
2022-04-01 CVE-2022-22950 Allocation of Resources Without Limits or Throttling vulnerability in VMWare Spring Framework
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
network
low complexity
vmware CWE-770
6.5
2022-04-01 CVE-2022-22404 Allocation of Resources Without Limits or Throttling vulnerability in IBM APP Connect Enterprise Certified Container
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.
network
low complexity
ibm CWE-770
6.5