Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2018-01-12 CVE-2017-18028 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.
network
low complexity
imagemagick canonical CWE-770
6.5
2018-01-10 CVE-2018-0006 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition.
high complexity
juniper CWE-770
5.3
2018-01-08 CVE-2018-5296 Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp).
local
low complexity
podofo-project CWE-770
5.5
2018-01-03 CVE-2018-4868 Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.26
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
local
low complexity
exiv2 CWE-770
5.5
2017-10-19 CVE-2017-3883 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-770
8.6
2017-09-30 CVE-2017-14938 Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.
local
low complexity
gnu CWE-770
5.5
2017-09-18 CVE-2017-14531 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-08 CVE-2017-0771 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libskia).
local
low complexity
google CWE-770
5.5
2017-09-07 CVE-2017-6780 Allocation of Resources Without Limits or Throttling vulnerability in Cisco products
A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion.
network
low complexity
cisco CWE-770
7.5
2017-09-01 CVE-2017-12693 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
network
low complexity
imagemagick canonical CWE-770
6.5