Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-24 | CVE-2022-24375 | Resource Exhaustion vulnerability in Node-Opcua Project Node-Opcua The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False. | 7.5 |
| 2022-08-16 | CVE-2022-35013 | Resource Exhaustion vulnerability in Pngdec Project Pngdec 1.0.0/1.0.1 PNGDec commit 8abf6be was discovered to contain a FPE via SaveBMP at /linux/main.cpp. | 6.5 |
| 2022-08-05 | CVE-2022-2053 | Resource Exhaustion vulnerability in Redhat Integration Camel K, Jboss Fuse and Undertow When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes a connection without sending any response to the client/proxy. | 7.5 |
| 2022-07-28 | CVE-2021-22642 | Resource Exhaustion vulnerability in Ovarro products An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. | 7.5 |
| 2022-07-20 | CVE-2020-21405 | Resource Exhaustion vulnerability in H96Tvbox H96 PRO Plus Firmware An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk | 7.5 |
| 2022-07-17 | CVE-2022-27937 | Resource Exhaustion vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. | 7.5 |
| 2022-07-06 | CVE-2022-20808 | Resource Exhaustion vulnerability in Cisco Smart Software Manager On-Prem 8202004/8202108 A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2022-07-06 | CVE-2022-30591 | Resource Exhaustion vulnerability in Quic-Go Project Quic-Go quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. | 7.5 |
| 2022-07-01 | CVE-2014-3648 | Resource Exhaustion vulnerability in Redhat Jboss Aerogear 1.0.0 The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. | 7.5 |
| 2022-06-27 | CVE-2022-26477 | Resource Exhaustion vulnerability in Apache Systemds The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. | 7.5 |