Vulnerabilities > Allocation of Resources Without Limits or Throttling
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-29 | CVE-2024-1953 | Allocation of Resources Without Limits or Throttling vulnerability in Mattermost Server Mattermost versions 8.1.x before 8.1.9, 9.2.x before 9.2.5, 9.3.0, and 9.4.x before 9.4.2 fail to limit the number of role names requested from the API, allowing an authenticated attacker to cause the server to run out of memory and crash by issuing an unusually large HTTP request. | 4.3 |
2024-02-29 | CVE-2024-20321 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Nx-Os A vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue. | 8.6 |
2024-02-26 | CVE-2024-23835 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
2024-02-26 | CVE-2024-23836 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. | 7.5 |
2024-02-14 | CVE-2023-50387 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. | 7.5 |
2024-02-11 | CVE-2024-21875 | Allocation of Resources Without Limits or Throttling vulnerability in Badge.Team Hacker Hotel Badge 2024 Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3. | 6.5 |
2024-02-11 | CVE-2023-52427 | Allocation of Resources Without Limits or Throttling vulnerability in Objectcomputing Opendds 3.23.1 In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resource_limits.max_samples. | 7.5 |
2024-02-07 | CVE-2024-1066 | Allocation of Resources Without Limits or Throttling vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay` | 6.5 |
2024-02-07 | CVE-2024-25143 | Allocation of Resources Without Limits or Throttling vulnerability in Liferay Portal The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions, does not limit resource consumption when generating a preview image, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted PNG images. | 6.5 |
2024-02-02 | CVE-2023-45028 | Allocation of Resources Without Limits or Throttling vulnerability in Qnap Qts, Quts Hero and Qutscloud An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. | 4.9 |