Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-27 | CVE-2024-4557 | Resource Exhaustion vulnerability in Gitlab Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1 which allowed an attacker to cause resource exhaustion via banzai pipeline. | 6.5 |
| 2024-02-15 | CVE-2024-20716 | Resource Exhaustion vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6 Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. | 4.9 |
| 2024-02-13 | CVE-2024-24781 | An unauthenticated remote attacker can use an uncontrolled resource consumption vulnerability to DoS the affected devices through excessive traffic on a single ethernet port. | 7.5 |
| 2024-02-09 | CVE-2024-23323 | Resource Exhaustion vulnerability in Envoyproxy Envoy Envoy is a high-performance edge/middle/service proxy. | 5.3 |
| 2024-02-09 | CVE-2024-1402 | Resource Exhaustion vulnerability in Mattermost Server Mattermost fails to check if a custom emoji reaction exists when sending it to a post and to limit the amount of custom emojis allowed to be added in a post, allowing an attacker sending a huge amount of non-existent custom emojis in a post to crash the mobile app of a user seeing the post and to crash the server due to overloading when clients attempt to retrive the aforementioned post. | 4.3 |
| 2024-02-09 | CVE-2024-25451 | Resource Exhaustion vulnerability in Axiosys Bento4 1.6.0640 Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_DataBuffer::ReallocateBuffer() function. | 6.5 |
| 2024-02-09 | CVE-2024-25452 | Resource Exhaustion vulnerability in Axiosys Bento4 1.6.0640 Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via the AP4_UrlAtom::AP4_UrlAtom() function. | 5.5 |
| 2024-02-09 | CVE-2023-32341 | Resource Exhaustion vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. | 6.5 |
| 2024-02-09 | CVE-2024-22332 | Resource Exhaustion vulnerability in IBM Integration BUS 10.1 The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. | 6.5 |
| 2024-02-07 | CVE-2023-6736 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. | 6.5 |