Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-26 | CVE-2020-25652 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. | 5.5 |
| 2020-11-25 | CVE-2020-25650 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. | 5.5 |
| 2020-11-04 | CVE-2020-8037 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | 7.5 |
| 2020-10-28 | CVE-2020-27978 | Allocation of Resources Without Limits or Throttling vulnerability in Shibboleth Identity Provider Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. | 7.5 |
| 2020-10-20 | CVE-2020-25648 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. | 7.5 |
| 2020-10-16 | CVE-2020-27173 | Allocation of Resources Without Limits or Throttling vulnerability in Vm-Superio Project Vm-Superio 0.1.0 In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). | 7.5 |
| 2020-10-07 | CVE-2020-13342 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 13.2.10, 13.3.7 and 13.4.2: Lack of Rate Limiting at Re-Sending Confirmation Email | 2.7 |
| 2020-10-02 | CVE-2020-5982 | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to denial of service. | 4.4 |
| 2020-09-25 | CVE-2020-15213 | Allocation of Resources Without Limits or Throttling vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. | 4.0 |
| 2020-09-23 | CVE-2020-3569 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. | 8.6 |