Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2018-6389 | Resource Exhaustion vulnerability in Wordpress In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. | 5.0 |
| 2018-02-06 | CVE-2017-6198 | Resource Exhaustion vulnerability in Sandstorm The Supervisor in Sandstorm doesn't set and enforce the resource limits of a process. | 6.8 |
| 2018-02-05 | CVE-2015-4412 | Resource Exhaustion vulnerability in Bson Project Bson 3.0.3 BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data via a crafted string. | 7.5 |
| 2018-02-04 | CVE-2018-6616 | Resource Exhaustion vulnerability in multiple products In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. | 4.3 |
| 2018-02-02 | CVE-2017-14180 | Resource Exhaustion vulnerability in multiple products Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179. | 7.2 |
| 2018-02-02 | CVE-2017-14179 | Resource Exhaustion vulnerability in multiple products Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. | 7.2 |
| 2018-02-02 | CVE-2017-14177 | Resource Exhaustion vulnerability in multiple products Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. | 7.2 |
| 2018-01-29 | CVE-2017-15133 | Resource Exhaustion vulnerability in Miekg-Dns Prject Miekg-Dns A denial of service flaw was found in miekg-dns before 1.0.4. | 5.0 |
| 2018-01-27 | CVE-2018-6352 | Resource Exhaustion vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. | 4.3 |
| 2018-01-26 | CVE-2017-3768 | Resource Exhaustion vulnerability in multiple products An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System x and earlier than 6.4 for IBM System x). | 7.8 |