Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-10 | CVE-2019-11938 | Allocation of Resources Without Limits or Throttling vulnerability in Facebook Thrift Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. | 7.5 |
| 2020-03-04 | CVE-2020-8659 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. | 7.5 |
| 2020-02-28 | CVE-2018-21035 | Allocation of Resources Without Limits or Throttling vulnerability in QT In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. | 7.5 |
| 2020-01-31 | CVE-2019-4720 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. | 7.5 |
| 2020-01-31 | CVE-2020-7219 | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. | 7.5 |
| 2020-01-31 | CVE-2020-7218 | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Nomad HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. | 7.5 |
| 2020-01-29 | CVE-2020-8416 | Allocation of Resources Without Limits or Throttling vulnerability in Iktm Bearftp 0.0.1/0.1.0 IKTeam BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port. | 7.5 |
| 2020-01-24 | CVE-2020-7052 | Allocation of Resources Without Limits or Throttling vulnerability in Codesys products CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. | 6.5 |
| 2020-01-24 | CVE-2020-7226 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data. | 7.5 |
| 2020-01-08 | CVE-2020-6610 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_r2007.c. | 6.5 |