Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2024-12-18 CVE-2024-12698 An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.
network
low complexity
CWE-400
6.5
2024-12-17 CVE-2024-12601 The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 5.2.63.
network
low complexity
CWE-400
5.3
2024-12-13 CVE-2024-12579 The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10.
network
low complexity
CWE-400
5.3
2024-11-12 CVE-2024-46891 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3).
network
low complexity
CWE-400
5.3
2024-10-11 CVE-2024-47497 An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated.
network
low complexity
CWE-400
7.5
2024-10-02 CVE-2024-20500 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions.
network
low complexity
cisco CWE-400
7.5
2024-10-02 CVE-2024-20502 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions.
network
low complexity
cisco CWE-400
7.5
2024-09-30 CVE-2024-8454 Resource Exhaustion vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware
The swctrl service is used to detect and remotely manage PLANET Technology devices.
network
low complexity
planet CWE-400
7.5
2024-08-12 CVE-2024-42481 Resource Exhaustion vulnerability in Skyport Skyportd
Skyport Daemon (skyportd) is the daemon for the Skyport Panel.
network
low complexity
skyport CWE-400
7.5
2024-08-02 CVE-2024-3056 Resource Exhaustion vulnerability in multiple products
A flaw was found in Podman.
network
high complexity
podman-project redhat fedoraproject CWE-400
7.7