Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-09 | CVE-2022-24741 | Allocation of Resources Without Limits or Throttling vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted cloud style services platform. | 6.5 |
2022-03-03 | CVE-2022-21716 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 7.5 |
2022-02-28 | CVE-2022-24685 | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 1.0.17, 1.1.11, and 1.2.5 allow invalid HCL for the jobs parse endpoint, which may cause excessive CPU usage. | 7.5 |
2022-02-24 | CVE-2022-24614 | Allocation of Resources Without Limits or Throttling vulnerability in Metadata-Extractor Project Metadata-Extractor When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. | 5.5 |
2022-02-19 | CVE-2016-20013 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. | 7.5 |
2022-02-18 | CVE-2022-23228 | Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity Pexip Infinity before 27.0 has improper WebRTC input validation. | 7.5 |
2022-02-16 | CVE-2021-22050 | Allocation of Resources Without Limits or Throttling vulnerability in VMWare Esxi 6.5/6.7 ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. | 7.5 |
2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |
2022-02-04 | CVE-2021-32036 | Allocation of Resources Without Limits or Throttling vulnerability in Mongodb An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. | 7.1 |
2022-02-03 | CVE-2022-21732 | Allocation of Resources Without Limits or Throttling vulnerability in Google Tensorflow Tensorflow is an Open Source Machine Learning Framework. | 6.5 |