Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-5950 | Resource Exhaustion vulnerability in F5 Big-Ip Advanced Firewall Manager On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. | 5.0 |
| 2020-12-11 | CVE-2020-26264 | Resource Exhaustion vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 4.0 |
| 2020-12-09 | CVE-2020-26257 | Resource Exhaustion vulnerability in multiple products Matrix is an ecosystem for open federated Instant Messaging and VoIP. | 6.5 |
| 2020-12-08 | CVE-2020-26256 | Resource Exhaustion vulnerability in C2Fo Fast-Csv Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. | 6.5 |
| 2020-12-08 | CVE-2020-29540 | Resource Exhaustion vulnerability in Systransoft Pure Neural Server API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port. | 5.0 |
| 2020-12-08 | CVE-2020-25630 | Resource Exhaustion vulnerability in Moodle A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. | 5.0 |
| 2020-12-02 | CVE-2020-12524 | Resource Exhaustion vulnerability in Phoenixcontact products Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service). | 5.0 |
| 2020-12-02 | CVE-2020-5423 | Resource Exhaustion vulnerability in Cloudfoundry Capi-Release CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM. | 7.8 |
| 2020-12-02 | CVE-2020-27813 | Resource Exhaustion vulnerability in multiple products An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. | 7.5 |
| 2020-11-30 | CVE-2020-16850 | Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. | 7.8 |