Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-49713 | Resource Exhaustion vulnerability in Jtekt products Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI GC-A2 series. | 7.5 |
| 2023-12-12 | CVE-2023-45847 | Resource Exhaustion vulnerability in Mattermost Server Mattermost fails to to check the length when setting the title in a run checklist in Playbooks, allowing an attacker to send a specially crafted request and crash the Playbooks plugin | 7.5 |
| 2023-12-12 | CVE-2023-49809 | Resource Exhaustion vulnerability in Mattermost Server Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to send a request with null request body to that endpoint and make it crash. | 6.5 |
| 2023-12-07 | CVE-2023-48831 | Resource Exhaustion vulnerability in PHPjabbers Availability Booking Calendar 5.0 A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48833 | Resource Exhaustion vulnerability in PHPjabbers Time Slots Booking Calendar 4.0 A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48834 | Resource Exhaustion vulnerability in PHPjabbers CAR Rental Script 3.0 A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48840 | Resource Exhaustion vulnerability in PHPjabbers Appointment Scheduler 3.0 A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-11-27 | CVE-2023-40703 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string. | 7.5 |
| 2023-11-27 | CVE-2023-48268 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb). | 7.5 |
| 2023-11-27 | CVE-2023-48369 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log. | 5.3 |