Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-09 | CVE-2020-26257 | Resource Exhaustion vulnerability in multiple products Matrix is an ecosystem for open federated Instant Messaging and VoIP. | 6.5 |
| 2020-12-08 | CVE-2020-26256 | Resource Exhaustion vulnerability in C2Fo Fast-Csv Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. | 6.5 |
| 2020-12-08 | CVE-2020-25630 | Resource Exhaustion vulnerability in Moodle A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. | 7.5 |
| 2020-12-02 | CVE-2020-12524 | Resource Exhaustion vulnerability in Phoenixcontact products Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service). | 7.5 |
| 2020-12-02 | CVE-2020-5423 | Resource Exhaustion vulnerability in Cloudfoundry Cf-Deployment CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM. | 7.5 |
| 2020-12-02 | CVE-2020-27813 | Resource Exhaustion vulnerability in multiple products An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. | 7.5 |
| 2020-11-30 | CVE-2020-16850 | Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. | 7.5 |
| 2020-11-27 | CVE-2020-10772 | Resource Exhaustion vulnerability in Nlnetlabs Unbound 1.6.65 An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. | 7.5 |
| 2020-11-26 | CVE-2020-7779 | Resource Exhaustion vulnerability in Djvalidator Project Djvalidator All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------------------------------------------------------------------------------!. | 7.5 |
| 2020-11-25 | CVE-2020-14190 | Resource Exhaustion vulnerability in Atlassian Crucible Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. | 7.5 |