Vulnerabilities > Allocation of Resources Without Limits or Throttling
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-5379 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products A flaw was found in Undertow. | 7.5 |
| 2023-12-12 | CVE-2023-50247 | Allocation of Resources Without Limits or Throttling vulnerability in Dena H2O h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. | 7.5 |
| 2023-12-10 | CVE-2023-50455 | Allocation of Resources Without Limits or Throttling vulnerability in Zammad 6.1.0/6.2.0 An issue was discovered in Zammad before 6.2.0. | 7.5 |
| 2023-12-08 | CVE-2023-6337 | Allocation of Resources Without Limits or Throttling vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. | 7.5 |
| 2023-12-07 | CVE-2023-4486 | Allocation of Resources Without Limits or Throttling vulnerability in Johnsoncontrols products Under certain circumstances, invalid authentication credentials could be sent to the login endpoint of Johnson Controls Metasys NAE55, SNE, and SNC engines prior to versions 11.0.6 and 12.0.4 and Facility Explorer F4-SNC engines prior to versions 11.0.6 and 12.0.4 to cause denial-of-service. | 7.5 |
| 2023-11-30 | CVE-2023-34389 | Allocation of Resources Without Limits or Throttling vulnerability in Selinc Sel-451 Firmware An allocation of resources without limits or throttling vulnerability in the Schweitzer Engineering Laboratories SEL-451 could allow a remote authenticated attacker to make the system unavailable for an indefinite amount of time. See product Instruction Manual Appendix A dated 20230830 for more details. | 6.5 |
| 2023-11-28 | CVE-2023-42504 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Superset An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0 | 6.5 |
| 2023-11-10 | CVE-2023-47108 | Allocation of Resources Without Limits or Throttling vulnerability in Opentelemetry 0.43.0/0.44.0/0.45.0 OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. | 7.5 |
| 2023-11-10 | CVE-2023-47120 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse 3.1.0/3.1.1/3.2.0 Discourse is an open source platform for community discussion. | 7.5 |
| 2023-11-10 | CVE-2023-46130 | Allocation of Resources Without Limits or Throttling vulnerability in Discourse Discourse is an open source platform for community discussion. | 5.4 |