Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2021-08-27 CVE-2021-28700 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
xen/arm: No memory limit for dom0less domUs The dom0less feature allows an administrator to create multiple unprivileged domains directly from Xen.
network
low complexity
xen fedoraproject debian CWE-770
4.9
2021-08-25 CVE-2021-1592 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Unified Computing System
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-770
4.3
2021-08-25 CVE-2018-10790 Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1.0
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
network
low complexity
axiosys CWE-770
7.5
2021-08-20 CVE-2021-22246 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 14.0.2, 13.12.6, 13.11.6.
network
low complexity
gitlab CWE-770
6.5
2021-08-19 CVE-2020-18899 Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.27
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
network
low complexity
exiv2 CWE-770
6.5
2021-08-18 CVE-2021-0420 Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0/11.0
In memory management driver, there is a possible system crash due to a missing bounds check.
local
low complexity
google CWE-770
5.5
2021-08-13 CVE-2021-32068 Allocation of Resources Without Limits or Throttling vulnerability in Mitel Micollab
The AWV and MiCollab Client Service components in Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack by sending multiple session renegotiation requests, due to insufficient TLS session controls.
network
high complexity
mitel CWE-770
3.7
2021-08-09 CVE-2021-36798 Allocation of Resources Without Limits or Throttling vulnerability in Helpsystems Cobalt Strike 4.2/4.3
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3.
network
low complexity
helpsystems CWE-770
7.5
2021-08-05 CVE-2021-22919 Allocation of Resources Without Limits or Throttling vulnerability in Citrix products
A vulnerability has been discovered in Citrix ADC (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway), and Citrix SD-WAN WANOP Edition models 4000-WO, 4100-WO, 5000-WO, and 5100-WO.
network
low complexity
citrix CWE-770
7.5
2021-08-03 CVE-2021-33320 Allocation of Resources Without Limits or Throttling vulnerability in Liferay DXP 7.0
The Flags module in Liferay Portal 7.3.1 and earlier, and Liferay DXP 7.0 before fix pack 96, 7.1 before fix pack 20, and 7.2 before fix pack 5, does not limit the rate at which content can be flagged as inappropriate, which allows remote authenticated users to spam the site administrator with emails
network
low complexity
liferay CWE-770
4.3