Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2017-05-04 CVE-2017-8779 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb.
7.5
2017-04-24 CVE-2017-3555 Allocation of Resources Without Limits or Throttling vulnerability in Oracle iReceivables
Vulnerability in the Oracle iReceivables component of Oracle E-Business Suite (subcomponent: Self Registration).
network
low complexity
oracle CWE-770
7.5
2017-04-19 CVE-2017-7963 Allocation of Resources Without Limits or Throttling vulnerability in PHP
The GNU Multiple Precision Arithmetic Library (GMP) interfaces for PHP through 7.1.4 allow attackers to cause a denial of service (memory consumption and application crash) via operations on long strings.
network
low complexity
php CWE-770
7.5
2017-04-14 CVE-2017-7696 Allocation of Resources Without Limits or Throttling vulnerability in SAP SSO Authentication Library 2.0/3.0
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allows remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.
network
low complexity
sap CWE-770
7.5
2017-03-27 CVE-2017-5850 Allocation of Resources Without Limits or Throttling vulnerability in OpenBSD 6.0
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
network
low complexity
openbsd CWE-770
7.5
2017-03-03 CVE-2017-5835 Allocation of Resources Without Limits or Throttling vulnerability in Libimobiledevice Libplist
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
network
low complexity
libimobiledevice CWE-770
7.5
2016-11-04 CVE-2016-8576 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
local
low complexity
qemu opensuse redhat debian CWE-770
6.0
2016-05-06 CVE-2016-4074 Allocation of Resources Without Limits or Throttling vulnerability in JQ Project JQ 1.5
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file.
network
low complexity
jq-project CWE-770
7.5