Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2021-02-12 CVE-2020-13949 Resource Exhaustion vulnerability in multiple products
In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.
network
low complexity
apache oracle CWE-400
7.5
7.5
2021-02-12 CVE-2021-22985 Resource Exhaustion vulnerability in F5 Big-Ip Application Security Manager
On BIG-IP APM version 16.0.x before 16.0.1.1, under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory.
network
low complexity
f5 CWE-400
7.5
7.5
2021-02-11 CVE-2021-22880 Resource Exhaustion vulnerability in multiple products
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability.
network
low complexity
rubyonrails fedoraproject CWE-400
7.5
7.5
2021-02-11 CVE-2020-35498 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in openvswitch.
network
low complexity
openvswitch debian fedoraproject CWE-400
7.5
7.5
2021-02-10 CVE-2020-5023 Resource Exhaustion vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption.
network
low complexity
ibm CWE-400
7.5
7.5
2021-02-08 CVE-2021-21306 Resource Exhaustion vulnerability in Marked Project Marked
Marked is an open-source markdown parser and compiler (npm package "marked").
network
low complexity
marked-project CWE-400
7.5
7.5
2021-02-08 CVE-2021-21240 Resource Exhaustion vulnerability in Httplib2 Project Httplib2
httplib2 is a comprehensive HTTP client library for Python.
network
low complexity
httplib2-project CWE-400
7.5
7.5
2021-02-04 CVE-2021-25227 Resource Exhaustion vulnerability in Trendmicro Antivirus
Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application.
local
low complexity
trendmicro CWE-400
3.3
3.3
2021-02-04 CVE-2021-1266 Resource Exhaustion vulnerability in Cisco Managed Services Accelerator 3.7.0
A vulnerability in the REST API of Cisco Managed Services Accelerator (MSX) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
6.5
6.5
2021-02-01 CVE-2020-28493 Resource Exhaustion vulnerability in multiple products
This affects the package jinja2 from 0.0.0 and before 2.11.3.
network
low complexity
palletsprojects fedoraproject CWE-400
5.3
5.3