Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2021-03-05 CVE-2021-28038 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV.
local
low complexity
linux debian netapp CWE-770
6.5
2021-02-26 CVE-2021-21274 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).
network
low complexity
matrix fedoraproject CWE-770
6.5
2021-02-18 CVE-2020-28491 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1.
network
low complexity
fasterxml quarkus oracle CWE-770
7.5
2021-02-17 CVE-2021-22174 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle CWE-770
7.5
2021-02-17 CVE-2021-26931 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen.
local
low complexity
linux fedoraproject debian CWE-770
5.5
2021-02-10 CVE-2021-0338 Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0/11.0
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings.
local
low complexity
google CWE-770
5.5
2021-02-09 CVE-2020-24685 Allocation of Resources Without Limits or Throttling vulnerability in ABB Ac500 CPU Firmware
An unauthenticated specially crafted packet sent by an attacker over the network will cause a denial-of-service (DoS) vulnerability.
network
low complexity
abb CWE-770
8.6
2021-02-02 CVE-2021-21294 Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Http4S
Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services.
network
low complexity
typelevel CWE-770
7.5
2021-02-02 CVE-2021-21293 Allocation of Resources Without Limits or Throttling vulnerability in Typelevel Blaze
blaze is a Scala library for building asynchronous pipelines, with a focus on network IO.
network
low complexity
typelevel CWE-770
7.5
2021-01-28 CVE-2021-20185 Allocation of Resources Without Limits or Throttling vulnerability in Moodle
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that messaging did not impose a character limit when sending messages, which could result in client-side (browser) denial of service for users receiving very large messages.
network
low complexity
moodle CWE-770
5.3