Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2021-10-11 CVE-2021-41799 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time).
network
low complexity
mediawiki fedoraproject CWE-770
7.5
2021-10-11 CVE-2021-41800 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time).
network
low complexity
mediawiki fedoraproject CWE-770
5.3
2021-10-05 CVE-2021-35492 Allocation of Resources Without Limits or Throttling vulnerability in Wowza Streaming Engine
Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter.
network
low complexity
wowza CWE-770
6.5
2021-10-04 CVE-2021-41591 Allocation of Resources Without Limits or Throttling vulnerability in Acinq Eclair
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.
network
low complexity
acinq CWE-770
critical
9.4
2021-10-04 CVE-2021-41592 Allocation of Resources Without Limits or Throttling vulnerability in Elementsproject C-Lightning 0.7.1
Blockstream c-lightning through 0.10.1 allows loss of funds because of dust HTLC exposure.
network
low complexity
elementsproject CWE-770
critical
9.4
2021-10-04 CVE-2021-41593 Allocation of Resources Without Limits or Throttling vulnerability in Lightning Network Daemon Project Lightning Network Daemon
Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.
network
low complexity
lightning-network-daemon-project CWE-770
8.6
2021-09-27 CVE-2021-34415 Allocation of Resources Without Limits or Throttling vulnerability in Zoom Meeting Connector
The Zone Controller service in the Zoom On-Premise Meeting Connector Controller before version 4.6.358.20210205 does not verify the cnt field sent in incoming network packets, which leads to exhaustion of resources and system crash.
network
low complexity
zoom CWE-770
7.5
2021-09-27 CVE-2021-0422 Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0/11.0
In memory management driver, there is a possible system crash due to a missing bounds check.
local
low complexity
google CWE-770
5.5
2021-09-27 CVE-2021-0424 Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0/11.0
In memory management driver, there is a possible system crash due to a missing bounds check.
local
low complexity
google CWE-770
5.5
2021-09-16 CVE-2021-29763 Allocation of Resources Without Limits or Throttling vulnerability in IBM DB2 11.1/11.5
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service.
local
high complexity
ibm CWE-770
5.1