Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-30 | CVE-2018-1109 | Resource Exhaustion vulnerability in Braces Project Braces A vulnerability was found in Braces versions prior to 2.3.1. | 5.3 |
| 2021-03-30 | CVE-2018-1107 | Resource Exhaustion vulnerability in Is-My-Json-Valid Project Is-My-Json-Valid It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. | 5.3 |
| 2021-03-24 | CVE-2021-1460 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-19 | CVE-2021-21267 | Resource Exhaustion vulnerability in multiple products Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector). | 7.5 |
| 2021-03-19 | CVE-2021-28089 | Resource Exhaustion vulnerability in multiple products Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target, aka TROVE-2021-001. | 7.5 |
| 2021-03-10 | CVE-2020-35233 | Resource Exhaustion vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack. | 6.5 |
| 2021-03-09 | CVE-2021-21369 | Resource Exhaustion vulnerability in Linuxfoundation Besu Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. | 6.5 |
| 2021-03-03 | CVE-2021-25252 | Resource Exhaustion vulnerability in Trendmicro products Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file. | 5.5 |
| 2021-03-02 | CVE-2021-22187 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions of Gitlab EE/CE before 13.6.7. | 4.3 |