Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2024-02-15 CVE-2024-20716 Resource Exhaustion vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service.
network
low complexity
adobe CWE-400
4.9
2024-02-13 CVE-2024-24781 An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port. 
network
low complexity
CWE-400
7.5
2024-02-09 CVE-2024-23323 Resource Exhaustion vulnerability in Envoyproxy Envoy
Envoy is a high-performance edge/middle/service proxy.
network
low complexity
envoyproxy CWE-400
5.3
2024-02-09 CVE-2024-1402 Resource Exhaustion vulnerability in Mattermost Server
Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post. 
network
low complexity
mattermost CWE-400
4.3
2024-02-09 CVE-2024-25451 Resource Exhaustion vulnerability in Axiosys Bento4 1.6.0640
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function.
network
low complexity
axiosys CWE-400
6.5
2024-02-09 CVE-2024-25452 Resource Exhaustion vulnerability in Axiosys Bento4 1.6.0640
Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function.
local
low complexity
axiosys CWE-400
5.5
2024-02-09 CVE-2023-32341 Resource Exhaustion vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption.
network
low complexity
ibm CWE-400
6.5
2024-02-09 CVE-2024-22332 Resource Exhaustion vulnerability in IBM Integration BUS 10.1
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion.
network
low complexity
ibm CWE-400
6.5
2024-02-07 CVE-2023-6736 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1.
network
low complexity
gitlab CWE-400
6.5
2024-02-07 CVE-2024-1066 Resource Exhaustion vulnerability in Gitlab
An issue has been discovered in GitLab EE affecting all versions from 13.3.0 prior to 16.6.7, 16.7 prior to 16.7.5, and 16.8 prior to 16.8.2 which allows an attacker to do a resource exhaustion using GraphQL `vulnerabilitiesCountByDay`
network
low complexity
gitlab CWE-400
6.5