Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2020-07-01 CVE-2020-12605 Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
network
low complexity
envoyproxy CWE-770
7.5
2020-06-24 CVE-2020-9494 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread.
network
low complexity
apache debian CWE-770
7.5
2020-06-19 CVE-2017-18899 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5.
network
low complexity
mattermost CWE-770
5.3
2020-06-19 CVE-2019-20880 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7.
network
low complexity
mattermost CWE-770
7.5
2020-06-19 CVE-2019-20845 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 5.18.0.
network
low complexity
mattermost CWE-770
7.5
2020-06-17 CVE-2020-14405 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in LibVNCServer before 0.9.13.
network
low complexity
libvnc-project canonical debian siemens CWE-770
6.5
2020-06-11 CVE-2020-13250 Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Consul
HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service.
network
low complexity
hashicorp CWE-770
7.5
2020-06-11 CVE-2020-0160 Allocation of Resources Without Limits or Throttling vulnerability in Google Android 10.0
In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check.
network
low complexity
google CWE-770
8.8
2020-06-10 CVE-2020-10705 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error.
network
low complexity
redhat netapp CWE-770
7.5
2020-06-04 CVE-2019-20818 Allocation of Resources Without Limits or Throttling vulnerability in Foxitsoftware Reader
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.
network
low complexity
foxitsoftware CWE-770
7.5