Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3479 | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2020-09-24 | CVE-2020-3428 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
| 2020-09-24 | CVE-2020-3414 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-09-24 | CVE-2020-3409 | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. | 7.4 |
| 2020-09-24 | CVE-2020-3408 | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
| 2020-09-24 | CVE-2020-3559 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2020-09-24 | CVE-2020-3508 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. | 7.4 |
| 2020-09-18 | CVE-2020-8251 | Resource Exhaustion vulnerability in multiple products Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections. | 7.5 |
| 2020-09-18 | CVE-2020-8246 | Resource Exhaustion vulnerability in Citrix products Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network. | 7.5 |
| 2020-09-18 | CVE-2020-8237 | Resource Exhaustion vulnerability in Json-Bigint Project Json-Bigint Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack. | 7.5 |