Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20482 | Resource Exhaustion vulnerability in Google Android 12.0/12.1/13.0 In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. | 5.5 |
| 2022-12-13 | CVE-2022-46351 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 5.5 |
| 2022-12-13 | CVE-2022-46352 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (HSR) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP) (All versions < V3.2.7), SCALANCE X204RNA EEC (PRP/HSR) (All versions < V3.2.7). | 7.5 |
| 2022-12-07 | CVE-2022-44608 | Resource Exhaustion vulnerability in Cybozu Remote Service 4.0.0/4.0.3 Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.0.0 to 4.0.3 allows a remote authenticated attacker to consume huge storage space, which may result in a denial-of-service (DoS) condition. | 7.5 |
| 2022-12-05 | CVE-2022-35254 | Resource Exhaustion vulnerability in Ivanti Connect Secure and Policy Secure An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure (ICS) in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure (IPS) in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior to 22.3R1. | 7.5 |
| 2022-11-29 | CVE-2022-41568 | Resource Exhaustion vulnerability in Linecorp Line LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat. | 7.5 |
| 2022-11-23 | CVE-2022-45873 | Resource Exhaustion vulnerability in multiple products systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. | 5.5 |
| 2022-11-18 | CVE-2022-38871 | Resource Exhaustion vulnerability in Free5Gc 3.0.5 In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages. | 7.5 |
| 2022-11-14 | CVE-2022-40735 | Resource Exhaustion vulnerability in Diffie-Hellman KEY Exchange Project Diffie-Hellman KEY Exchange The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1996 van Oorschot and Wiener paper found that "(appropriately) short exponents" can be used when there are adequate subgroup constraints, and these short exponents can lead to less expensive calculations than for long exponents. | 7.5 |
| 2022-11-14 | CVE-2022-45199 | Resource Exhaustion vulnerability in Python Pillow Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL. | 7.5 |