Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2021-05-28 CVE-2021-33623 Resource Exhaustion vulnerability in multiple products
The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
network
low complexity
trim-newlines-project netapp debian CWE-400
7.5
7.5
2021-05-27 CVE-2020-1702 Resource Exhaustion vulnerability in multiple products
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform.
local
low complexity
containers-image-project redhat CWE-400
3.3
3.3
2021-05-26 CVE-2020-25673 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
local
low complexity
linux fedoraproject netapp CWE-400
5.5
5.5
2021-05-25 CVE-2021-32640 Resource Exhaustion vulnerability in multiple products
ws is an open source WebSocket client and server library for Node.js.
network
low complexity
ws-project netapp CWE-400
5.3
5.3
2021-05-21 CVE-2020-36332 Resource Exhaustion vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat debian netapp CWE-400
7.5
7.5
2021-05-20 CVE-2021-20718 Resource Exhaustion vulnerability in multiple products
mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.
network
low complexity
openidc fedoraproject oracle CWE-400
7.5
7.5
2021-05-17 CVE-2021-32617 Resource Exhaustion vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject CWE-400
5.5
5.5
2021-05-17 CVE-2021-32455 Resource Exhaustion vulnerability in Sitel-Sa Cap/Prx Firmware 5.2.01
SITEL CAP/PRX firmware version 5.2.01, allows an attacker with access to the device´s network to cause a denial of service condition on the device.
low complexity
sitel-sa CWE-400
6.5
6.5
2021-05-13 CVE-2021-29506 Resource Exhaustion vulnerability in Graphhopper
GraphHopper is an open-source Java routing engine.
network
low complexity
graphhopper CWE-400
6.5
6.5
2021-05-13 CVE-2021-22139 Resource Exhaustion vulnerability in Elastic Kibana
Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size.
network
low complexity
elastic CWE-400
6.5
6.5