Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-04 | CVE-2017-8779 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. | 7.8 |
2017-04-24 | CVE-2017-3555 | Allocation of Resources Without Limits or Throttling vulnerability in Oracle Ireceivables Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self Registration). | 5.0 |
2017-04-19 | CVE-2017-7963 | Allocation of Resources Without Limits or Throttling vulnerability in PHP The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings. | 7.5 |
2017-04-14 | CVE-2017-7696 | Allocation of Resources Without Limits or Throttling vulnerability in SAP SSO Authentication Library 2.0/3.0 SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. | 5.0 |
2017-03-27 | CVE-2017-5850 | Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0 httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 7.8 |
2017-03-03 | CVE-2017-5835 | Allocation of Resources Without Limits or Throttling vulnerability in Libimobiledevice Libplist libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero. | 5.0 |
2016-11-04 | CVE-2016-8576 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. | 6.0 |
2016-05-06 | CVE-2016-4074 | Allocation of Resources Without Limits or Throttling vulnerability in JQ Project JQ 1.5 The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. | 7.8 |
2001-11-05 | CVE-2001-1388 | Allocation of Resources Without Limits OR Throttling vulnerability in Netfilter Iptables iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator. | 5.0 |