Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2021-06-08 CVE-2021-31340 Resource Exhaustion vulnerability in Siemens products
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0).
network
low complexity
siemens CWE-400
7.5
7.5
2021-06-03 CVE-2020-28469 Resource Exhaustion vulnerability in multiple products
This affects the package glob-parent before 5.1.2.
network
low complexity
gulpjs oracle CWE-400
7.5
7.5
2021-05-28 CVE-2021-33623 Resource Exhaustion vulnerability in multiple products
The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
network
low complexity
trim-newlines-project netapp debian CWE-400
7.5
7.5
2021-05-25 CVE-2021-32640 Resource Exhaustion vulnerability in multiple products
ws is an open source WebSocket client and server library for Node.js.
network
low complexity
ws-project netapp CWE-400
5.3
5.3
2021-05-21 CVE-2020-36332 Resource Exhaustion vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat debian netapp CWE-400
7.5
7.5
2021-05-20 CVE-2021-20718 Resource Exhaustion vulnerability in multiple products
mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.
network
low complexity
openidc fedoraproject oracle CWE-400
7.5
7.5
2021-05-17 CVE-2021-32455 Resource Exhaustion vulnerability in Sitel-Sa Cap/Prx Firmware 5.2.01
SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access to the device´s network to cause a denial of service condition on the device.
low complexity
sitel-sa CWE-400
6.5
6.5
2021-05-13 CVE-2021-22139 Resource Exhaustion vulnerability in Elastic Kibana
Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size.
network
low complexity
elastic CWE-400
6.5
6.5
2021-05-13 CVE-2021-32918 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Prosody before 0.11.9.
network
low complexity
prosody debian fedoraproject CWE-400
7.5
7.5
2021-05-11 CVE-2021-30504 Resource Exhaustion vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation.
network
low complexity
jetbrains CWE-400
7.5
7.5