Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2024-08-30 CVE-2024-21658 Allocation of Resources Without Limits or Throttling vulnerability in Discourse Calendar 1.0.0/1.0.1
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic.
network
low complexity
discourse CWE-770
4.3
2024-08-27 CVE-2024-43783 Allocation of Resources Without Limits or Throttling vulnerability in Apollographql products
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2.
network
low complexity
apollographql CWE-770
7.5
2024-08-27 CVE-2024-41175 Allocation of Resources Without Limits or Throttling vulnerability in Beckhoff IPC Diagnostics Package and Twincat/Bsd
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local denial-of-service attack by a low privileged attacker.
local
low complexity
beckhoff CWE-770
5.5
2024-08-19 CVE-2024-44083 Allocation of Resources Without Limits or Throttling vulnerability in Hex-Rays IDA PRO
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked.
network
low complexity
hex-rays CWE-770
7.5
2024-08-17 CVE-2024-43856 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: dma: fix call order in dmam_free_coherent dmam_free_coherent() frees a DMA allocation, which makes the freed vaddr available for reuse, then calls devres_destroy() to remove and free the data structure used to track the DMA allocation.
local
low complexity
linux CWE-770
5.5
2024-08-14 CVE-2024-41727 Allocation of Resources Without Limits or Throttling vulnerability in F5 products
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
network
low complexity
f5 CWE-770
7.5
2024-08-12 CVE-2024-42258 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1].
local
low complexity
linux CWE-770
5.5
2024-08-12 CVE-2024-36462 Allocation of Resources Without Limits or Throttling vulnerability in Zabbix 7.0.0
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls.
network
low complexity
zabbix CWE-770
7.5
2024-08-07 CVE-2024-42241 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray.
local
low complexity
linux CWE-770
5.5
2024-08-07 CVE-2024-42242 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE blk_queue_max_segment_size() ensured: if (max_size < PAGE_SIZE) max_size = PAGE_SIZE; whereas: blk_validate_limits() makes it an error: if (WARN_ON_ONCE(lim->max_segment_size < PAGE_SIZE)) return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in some circumstances. Fix the maximum segment size when it is too low.
local
low complexity
linux CWE-770
5.5