Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-06 | CVE-2023-33957 | Resource Exhaustion vulnerability in Notaryproject Notation-Go notation is a CLI tool to sign and verify OCI artifacts and container images. | 5.7 |
| 2023-06-06 | CVE-2023-33958 | Resource Exhaustion vulnerability in Notaryproject Notation-Go notation is a CLI tool to sign and verify OCI artifacts and container images. | 6.5 |
| 2023-06-06 | CVE-2023-0921 | Resource Exhaustion vulnerability in Gitlab A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage. | 4.3 |
| 2023-06-06 | CVE-2022-33303 | Resource Exhaustion vulnerability in Qualcomm products Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message queue. | 5.5 |
| 2023-06-02 | CVE-2023-0616 | Resource Exhaustion vulnerability in Mozilla Thunderbird If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. | 6.5 |
| 2023-06-02 | CVE-2023-29544 | Resource Exhaustion vulnerability in Mozilla Firefox and Focus If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. | 6.5 |
| 2023-05-30 | CVE-2023-29735 | Resource Exhaustion vulnerability in MWM Edjing MIX 7.09.01 An issue found in edjing Mix v.7.09.01 for Android allows a local attacker to cause a denial of service via the database files. | 5.5 |
| 2023-05-29 | CVE-2023-30570 | Resource Exhaustion vulnerability in Libreswan pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. | 7.5 |
| 2023-05-26 | CVE-2023-28320 | Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. | 5.9 |
| 2023-05-26 | CVE-2023-1981 | Resource Exhaustion vulnerability in multiple products A vulnerability was found in the avahi library. | 5.5 |