Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2025-01-27 CVE-2024-12345 A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002.
local
low complexity
CWE-400
4.4
2025-01-24 CVE-2025-0704 A vulnerability, which was classified as problematic, was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d.
network
low complexity
CWE-400
5.3
2025-01-06 CVE-2024-55605 Resource Exhaustion vulnerability in Oisf Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine.
network
low complexity
oisf CWE-400
7.5
2024-12-17 CVE-2024-12601 The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 5.2.63.
network
low complexity
CWE-400
5.3
2024-12-13 CVE-2024-12579 The Minify HTML plugin for WordPress is vulnerable to Regular Expression Denial of Service (ReDoS) in all versions up to, and including, 2.1.10.
network
low complexity
CWE-400
5.3
2024-11-12 CVE-2024-46891 A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3).
network
low complexity
CWE-400
5.3
2024-10-11 CVE-2024-47497 An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service (DoS). An attacker can send specific HTTPS connection requests to the device, triggering the creation of processes that are not properly terminated.
network
low complexity
CWE-400
7.5
2024-10-02 CVE-2024-20500 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource management when establishing TLS/SSL sessions.
network
low complexity
cisco CWE-400
7.5
2024-10-02 CVE-2024-20502 Resource Exhaustion vulnerability in Cisco products
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishing SSL VPN sessions.
network
low complexity
cisco CWE-400
7.5
2024-09-30 CVE-2024-8454 Resource Exhaustion vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware
The swctrl service is used to detect and remotely manage PLANET Technology devices.
network
low complexity
planet CWE-400
7.5