Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-24 | CVE-2022-24614 | Allocation of Resources Without Limits or Throttling vulnerability in Metadata-Extractor Project Metadata-Extractor When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can be made to allocate large amounts of memory that finally leads to an out-of-memory error even for very small inputs. | 5.5 |
2022-02-19 | CVE-2016-20013 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products sha256crypt and sha512crypt through 0.6 allow attackers to cause a denial of service (CPU consumption) because the algorithm's runtime is proportional to the square of the length of the password. | 7.5 |
2022-02-18 | CVE-2022-23228 | Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity Pexip Infinity before 27.0 has improper WebRTC input validation. | 7.5 |
2022-02-16 | CVE-2021-22050 | Allocation of Resources Without Limits or Throttling vulnerability in VMWare Esxi 6.5/6.7 ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. | 7.5 |
2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |
2022-02-04 | CVE-2021-32036 | Allocation of Resources Without Limits or Throttling vulnerability in Mongodb An authenticated user without any specific authorizations may be able to repeatedly invoke the features command where at a high volume may lead to resource depletion or generate high lock contention. | 7.1 |
2022-02-03 | CVE-2022-21732 | Allocation of Resources Without Limits or Throttling vulnerability in Google Tensorflow Tensorflow is an Open Source Machine Learning Framework. | 6.5 |
2022-02-03 | CVE-2021-41840 | Allocation of Resources Without Limits or Throttling vulnerability in Insyde Insydeh2O An issue was discovered in NvmExpressDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. | 8.2 |
2022-02-01 | CVE-2022-24196 | Allocation of Resources Without Limits or Throttling vulnerability in Itextpdf Itext iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | 6.5 |
2022-01-27 | CVE-2021-28096 | Allocation of Resources Without Limits or Throttling vulnerability in Stormshield Network Security An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). | 5.3 |