Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-27 | CVE-2017-6161 | Resource Exhaustion vulnerability in F5 products In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. | 5.3 |
| 2017-10-26 | CVE-2017-15882 | Resource Exhaustion vulnerability in Londontrustmedia Private Internet Access The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file. | 7.5 |
| 2017-10-23 | CVE-2017-7086 | Resource Exhaustion vulnerability in Apple products An issue was discovered in certain Apple products. | 7.5 |
| 2017-10-19 | CVE-2017-12293 | Resource Exhaustion vulnerability in Cisco Webex Meetings Server 2.7 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2017-10-18 | CVE-2014-7813 | Resource Exhaustion vulnerability in Redhat Cloudforms 3.0 Management Engine Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols. | 6.5 |
| 2017-10-18 | CVE-2017-15596 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. | 6.0 |
| 2017-10-18 | CVE-2017-15595 | Resource Exhaustion vulnerability in XEN An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | 8.8 |
| 2017-10-17 | CVE-2014-9697 | Resource Exhaustion vulnerability in Huawei products Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website. | 7.5 |
| 2017-10-16 | CVE-2016-8734 | Resource Exhaustion vulnerability in multiple products Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. | 6.5 |
| 2017-10-14 | CVE-2017-15298 | Resource Exhaustion vulnerability in multiple products Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. | 5.5 |