Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-02 | CVE-2021-21294 | Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Http4S Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services. | 7.5 |
| 2021-02-02 | CVE-2021-21293 | Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Blaze blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. | 7.5 |
| 2021-01-28 | CVE-2021-20185 | Allocation of Resources Without Limits or Throttling vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages. | 5.3 |
| 2021-01-18 | CVE-2021-25173 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. | 7.8 |
| 2021-01-13 | CVE-2021-21607 | Allocation of Resources Without Limits or Throttling vulnerability in Jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors. | 6.5 |
| 2021-01-08 | CVE-2021-1057 | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. | 7.8 |
| 2021-01-08 | CVE-2020-36049 | Allocation of Resources Without Limits or Throttling vulnerability in Socket Socket.Io-Parser socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used. | 7.5 |
| 2020-12-31 | CVE-2020-35896 | Allocation of Resources Without Limits or Throttling vulnerability in Ws-Rs Project Ws-Rs An issue was discovered in the ws crate through 2020-09-25 for Rust. | 7.5 |
| 2020-12-29 | CVE-2020-5806 | Allocation of Resources Without Limits or Throttling vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. | 5.5 |
| 2020-12-29 | CVE-2020-5802 | Allocation of Resources Without Limits or Throttling vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. | 7.5 |