Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2017-09-01 CVE-2017-12692 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-01 CVE-2017-12691 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-01 CVE-2017-14107 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
network
low complexity
libzip debian CWE-770
6.5
2017-08-30 CVE-2017-13763 Allocation of Resources Without Limits or Throttling vulnerability in Onosproject Onos 1.10.0/1.8.0/1.9.0
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated.
network
low complexity
onosproject CWE-770
7.5
2017-08-29 CVE-2017-12875 Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.66
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
network
low complexity
imagemagick CWE-770
6.5
2017-08-28 CVE-2017-13716 Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).
local
low complexity
gnu CWE-770
5.5
2017-08-23 CVE-2017-13133 Allocation of Resources Without Limits or Throttling vulnerability in Imagemagick 7.0.68
In ImageMagick 7.0.6-8, the load_level function in coders/xcf.c lacks offset validation, which allows attackers to cause a denial of service (load_tile memory exhaustion) via a crafted file.
network
low complexity
imagemagick CWE-770
6.5
2017-08-18 CVE-2017-8253 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
local
low complexity
google CWE-770
7.8
2017-08-18 CVE-2017-12944 Allocation of Resources Without Limits or Throttling vulnerability in Libtiff 4.0.8
The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.
network
low complexity
libtiff CWE-770
7.5
2017-08-09 CVE-2017-0725 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libskia).
local
low complexity
google CWE-770
5.5