Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-30 | CVE-2021-42120 | Resource Exhaustion vulnerability in Businessdnasolutions Topease Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on all object attributes allows an authenticated remote attacker with Object Modification privileges to insert arbitrarily long strings, eventually leading to exhaustion of the underlying resource. | 6.5 |
| 2021-11-20 | CVE-2021-36310 | Resource Exhaustion vulnerability in Dell Networking Os10 Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. | 4.9 |
| 2021-11-19 | CVE-2021-22965 | Resource Exhaustion vulnerability in multiple products A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the device. | 7.5 |
| 2021-11-17 | CVE-2021-0180 | Resource Exhaustion vulnerability in Intel Hardware Accelerated Execution Manager Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may allow an unauthenticated user to potentially enable privilege escalation via local access. | 8.4 |
| 2021-11-17 | CVE-2021-0182 | Resource Exhaustion vulnerability in Intel Hardware Accelerated Execution Manager Uncontrolled resource consumption in the Intel(R) HAXM software before version 7.6.6 may allow an unauthenticated user to potentially enable information disclosure via local access. | 6.2 |
| 2021-11-17 | CVE-2021-33073 | Resource Exhaustion vulnerability in Intel Distribution of Openvino Toolkit 2020.2 Uncontrolled resource consumption in the Intel(R) Distribution of OpenVINOâ„¢ Toolkit before version 2021.4 may allow an unauthenticated user to potentially enable denial of service via local access. | 5.5 |
| 2021-11-11 | CVE-2021-3909 | Resource Exhaustion vulnerability in multiple products OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. | 7.5 |
| 2021-11-11 | CVE-2002-20001 | Resource Exhaustion vulnerability in multiple products The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. | 7.5 |
| 2021-11-09 | CVE-2021-43173 | Resource Exhaustion vulnerability in multiple products In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. | 7.5 |
| 2021-11-04 | CVE-2021-39914 | Resource Exhaustion vulnerability in Gitlab A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user | 4.3 |