Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2021-29725 Allocation of Resources Without Limits or Throttling vulnerability in IBM products
IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.
network
low complexity
ibm CWE-770
7.5
2021-07-13 CVE-2020-28400 Allocation of Resources Without Limits or Throttling vulnerability in Siemens products
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition.
network
low complexity
siemens CWE-770
7.5
2021-07-13 CVE-2021-35516 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache netapp oracle CWE-770
7.5
2021-07-13 CVE-2021-35517 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache netapp oracle CWE-770
7.5
2021-07-09 CVE-2021-36155 Allocation of Resources Without Limits or Throttling vulnerability in Linuxfoundation Grpc Swift 1.0.0/1.1.0/1.1.1
LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service.
network
low complexity
linuxfoundation CWE-770
7.5
2021-06-28 CVE-2020-28200 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension.
network
low complexity
dovecot fedoraproject CWE-770
4.3
2021-06-22 CVE-2021-32699 Allocation of Resources Without Limits or Throttling vulnerability in Pterodactyl Wings
Wings is the control plane software for the open source Pterodactyl game management system.
local
low complexity
pterodactyl CWE-770
6.5
2021-06-22 CVE-2021-22363 Allocation of Resources Without Limits or Throttling vulnerability in Huawei Ecns280 TD Firmware V100R005C10Spc650
There is a resource management error vulnerability in eCNS280_TD V100R005C10SPC650.
network
low complexity
huawei CWE-770
7.5
2021-06-21 CVE-2021-29061 Allocation of Resources Without Limits or Throttling vulnerability in Vfsjfilechooser2 Project Vfsjfilechooser2
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Vfsjfilechooser2 version 0.2.9 and below which occurs when the application attempts to validate crafted URIs.
network
low complexity
vfsjfilechooser2-project CWE-770
7.5
2021-06-21 CVE-2021-29063 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
network
low complexity
mpmath fedoraproject CWE-770
7.5