Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2017-05-21 CVE-2017-9119 Resource Exhaustion vulnerability in multiple products
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact by triggering crafted operations on array data structures.
network
low complexity
php netapp CWE-400
critical
9.8
2017-05-19 CVE-2017-7935 Resource Exhaustion vulnerability in Phoenix Contact Gmbh Mguard Firmware
A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2.
network
low complexity
phoenix-contact-gmbh CWE-400
7.5
2017-05-18 CVE-2017-8338 Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5
A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing the affected router from accepting new connections; all devices will be disconnected from the router and all logs removed automatically.
network
low complexity
mikrotik CWE-400
7.5
2017-05-11 CVE-2017-2681 Resource Exhaustion vulnerability in Siemens products
Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product.
low complexity
siemens CWE-400
6.5
2017-05-11 CVE-2017-2680 Resource Exhaustion vulnerability in Siemens products
Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2).
low complexity
siemens CWE-400
6.5
2017-05-06 CVE-2017-6024 Resource Exhaustion vulnerability in Rockwellautomation products
A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011.
network
high complexity
rockwellautomation CWE-400
5.9
2017-04-29 CVE-2017-8327 Resource Exhaustion vulnerability in Entropymine Imageworsener
The bmpr_read_uncompressed function in imagew-bmp.c in libimageworsener.a in ImageWorsener before 1.3.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted image.
network
low complexity
entropymine CWE-400
6.5
2017-04-24 CVE-2017-2322 Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1, may allow an authenticated user to cause widespread denials of service to system services by consuming TCP and UDP ports which are normally reserved for other system services.
local
low complexity
juniper CWE-400
5.5
2017-04-24 CVE-2017-1000359 Resource Exhaustion vulnerability in Opendaylight 3.3/4.0
Java out of memory error and significant increase in resource consumption.
network
low complexity
opendaylight CWE-400
5.3
2017-04-24 CVE-2017-1000357 Resource Exhaustion vulnerability in Opendaylight 3.3/4.0
Denial of Service attack when the switch rejects to receive packets from the controller.
network
low complexity
opendaylight CWE-400
7.5