Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2018-01-03 CVE-2018-4868 Allocation of Resources Without Limits or Throttling vulnerability in Exiv2 0.26
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file.
local
low complexity
exiv2 CWE-770
5.5
2017-10-19 CVE-2017-3883 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Extensible Operating System
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.
network
low complexity
cisco CWE-770
8.6
2017-09-30 CVE-2017-14938 Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.
local
low complexity
gnu CWE-770
5.5
2017-09-18 CVE-2017-14531 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
ImageMagick 7.0.7-0 has a memory exhaustion issue in ReadSUNImage in coders/sun.c.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-08 CVE-2017-0771 Allocation of Resources Without Limits or Throttling vulnerability in Google Android
A denial of service vulnerability in the Android media framework (libskia).
local
low complexity
google CWE-770
5.5
2017-09-07 CVE-2017-6780 Allocation of Resources Without Limits or Throttling vulnerability in Cisco products
A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion.
network
low complexity
cisco CWE-770
7.5
2017-09-01 CVE-2017-12693 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadBMPImage function in coders/bmp.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted BMP file.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-01 CVE-2017-12692 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadVIFFImage function in coders/viff.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted VIFF file.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-01 CVE-2017-12691 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ReadOneLayer function in coders/xcf.c in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
network
low complexity
imagemagick canonical CWE-770
6.5
2017-09-01 CVE-2017-14107 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 mishandles EOCD records, which allows remote attackers to cause a denial of service (memory allocation failure in _zip_cdir_grow in zip_dirent.c) via a crafted ZIP archive.
network
low complexity
libzip debian CWE-770
6.5