Vulnerabilities > Allocation of Resources Without Limits or Throttling

DATE CVE VULNERABILITY TITLE RISK
2024-02-29 CVE-2024-1953 Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server
Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request.
network
low complexity
mattermost CWE-770
4.3
2024-02-29 CVE-2024-20321 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Nx-Os
A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue.
network
low complexity
cisco CWE-770
8.6
2024-02-26 CVE-2024-23835 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf fedoraproject CWE-770
7.5
2024-02-26 CVE-2024-23836 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf fedoraproject CWE-770
7.5
2024-02-14 CVE-2023-50387 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue.
7.5
2024-02-11 CVE-2024-21875 Allocation of Resources Without Limits or Throttling vulnerability in Badge.Team Hacker Hotel Badge 2024
Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.
low complexity
badge-team CWE-770
6.5
2024-02-11 CVE-2023-52427 Allocation of Resources Without Limits or Throttling vulnerability in Objectcomputing Opendds 3.23.1
In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples.
network
low complexity
objectcomputing CWE-770
7.5
2024-02-07 CVE-2024-1066 Allocation of Resources Without Limits or Throttling vulnerability in Gitlab
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`
network
low complexity
gitlab CWE-770
6.5
2024-02-07 CVE-2024-25143 Allocation of Resources Without Limits or Throttling vulnerability in Liferay Portal
The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted PNG images.
network
low complexity
liferay CWE-770
6.5
2024-02-02 CVE-2023-45028 Allocation of Resources Without Limits or Throttling vulnerability in Qnap Qts, Quts Hero and Qutscloud
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-770
4.9