Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-26931 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. | 5.5 |
| 2021-02-10 | CVE-2021-0338 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0/11.0 In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. | 5.5 |
| 2021-02-09 | CVE-2020-24685 | Allocation of Resources Without Limits or Throttling vulnerability in ABB Ac500 CPU Firmware An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability. | 8.6 |
| 2021-02-02 | CVE-2021-21294 | Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Http4S Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services. | 7.5 |
| 2021-02-02 | CVE-2021-21293 | Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Blaze blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. | 7.5 |
| 2021-01-28 | CVE-2021-20185 | Allocation of Resources Without Limits or Throttling vulnerability in Moodle It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages. | 5.3 |
| 2021-01-18 | CVE-2021-25173 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. | 7.8 |
| 2021-01-13 | CVE-2021-21607 | Allocation of Resources Without Limits or Throttling vulnerability in Jenkins Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors. | 6.5 |
| 2021-01-08 | CVE-2021-1057 | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerability in the vGPU plugin in which it allows guests to allocate some resources for which the guest is not authorized, which may lead to integrity and confidentiality loss, denial of service, or information disclosure. | 7.8 |
| 2021-01-08 | CVE-2020-36049 | Allocation of Resources Without Limits or Throttling vulnerability in Socket Socket.Io-Parser socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used. | 7.5 |