Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2017-06-08 CVE-2017-6640 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Prime Data Center Network Manager 10.1.0/10.1(1)/10.1(2)
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote attacker to log in to the administrative console of a DCNM server by using an account that has a default, static password.
network
low complexity
cisco CWE-770
critical
9.8
2017-06-02 CVE-2017-9350 Allocation of Resources Without Limits or Throttling vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory.
network
low complexity
wireshark CWE-770
7.5
2017-05-22 CVE-2017-6653 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Identity Services Engine 2.1(0.474)
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests.
network
low complexity
cisco CWE-770
7.5
2017-05-22 CVE-2017-6641 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Remote Expert Manager 11.0.0
A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system.
network
low complexity
cisco CWE-770
7.5
2017-05-18 CVE-2017-9039 Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.28
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
local
low complexity
gnu CWE-770
5.5
2017-05-12 CVE-2017-0612 Allocation of Resources Without Limits or Throttling vulnerability in Linux Kernel 3.18
An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel.
local
high complexity
linux CWE-770
7.0
2017-05-04 CVE-2017-8779 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
7.5
2017-04-24 CVE-2017-3555 Allocation of Resources Without Limits or Throttling vulnerability in Oracle Ireceivables
Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self Registration).
network
low complexity
oracle CWE-770
7.5
2017-04-19 CVE-2017-7963 Allocation of Resources Without Limits or Throttling vulnerability in PHP
The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings.
network
low complexity
php CWE-770
7.5
2017-04-14 CVE-2017-7696 Allocation of Resources Without Limits or Throttling vulnerability in SAP SSO Authentication Library 2.0/3.0
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.
network
low complexity
sap CWE-770
7.5