Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2022-30691 | Resource Exhaustion vulnerability in Intel Support 21.7.40 Uncontrolled resource consumption in the Intel(R) Support Android application before version 22.02.28 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2022-11-10 | CVE-2022-3818 | Resource Exhaustion vulnerability in Gitlab An uncontrolled resource consumption issue when parsing URLs in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows an attacker to cause performance issues and potentially a denial of service on the GitLab instance. | 5.3 |
| 2022-11-04 | CVE-2022-43564 | Resource Exhaustion vulnerability in Splunk and Splunk Cloud Platform In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a remote user who can create search macros and schedule search reports can cause a denial of service through the use of specially crafted search macros. | 6.5 |
| 2022-11-04 | CVE-2022-20937 | Resource Exhaustion vulnerability in Cisco Identity Services Engine A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. | 5.3 |
| 2022-10-31 | CVE-2022-2741 | Resource Exhaustion vulnerability in Zephyrproject Zephyr The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. | 7.5 |
| 2022-10-31 | CVE-2022-40617 | Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. | 7.5 |
| 2022-10-27 | CVE-2022-39330 | Resource Exhaustion vulnerability in Nextcloud Server Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. | 4.3 |
| 2022-10-21 | CVE-2022-3639 | Resource Exhaustion vulnerability in Gitlab A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 10.8 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. | 7.5 |
| 2022-10-19 | CVE-2022-41770 | Resource Exhaustion vulnerability in F5 products In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ all versions of 8.x and 7.x, an authenticated iControl REST user can cause an increase in memory resource utilization, via undisclosed requests. | 6.5 |
| 2022-10-19 | CVE-2022-41806 | Resource Exhaustion vulnerability in F5 Big-Ip Advanced Firewall Manager In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. | 7.5 |