Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-10 | CVE-2019-0038 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion. | 6.5 |
| 2019-04-10 | CVE-2019-0031 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 17.4/18.1/18.1R Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. | 7.5 |
| 2019-04-03 | CVE-2019-10723 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 5.5 |
| 2019-04-01 | CVE-2019-1002100 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. | 6.5 |
| 2019-03-28 | CVE-2019-5739 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. | 7.5 |
| 2019-03-28 | CVE-2019-5737 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. | 7.5 |
| 2019-03-27 | CVE-2019-1737 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XE A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. | 8.6 |
| 2019-03-27 | CVE-2018-12545 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. | 7.5 |
| 2019-03-27 | CVE-2019-5419 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. | 7.5 |
| 2019-03-12 | CVE-2019-9705 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted. | 5.5 |