Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-06 | CVE-2020-7212 | Resource Exhaustion vulnerability in Python Urllib3 The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. | 7.5 |
| 2020-03-05 | CVE-2020-6986 | Resource Exhaustion vulnerability in Omron PLC CJ1 Firmware and PLC CJ2 Firmware In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result. | 7.5 |
| 2020-03-04 | CVE-2020-8661 | Resource Exhaustion vulnerability in multiple products CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. | 7.5 |
| 2020-03-04 | CVE-2020-3190 | Resource Exhaustion vulnerability in Cisco IOS XR A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. | 5.8 |
| 2020-03-04 | CVE-2020-3181 | Resource Exhaustion vulnerability in Cisco Email Security Appliance A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. | 6.5 |
| 2020-02-26 | CVE-2020-3175 | Resource Exhaustion vulnerability in Cisco Nx-Os 6.2(1) A vulnerability in the resource handling system of Cisco NX-OS Software for Cisco MDS 9000 Series Multilayer Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2020-02-26 | CVE-2020-3168 | Resource Exhaustion vulnerability in Cisco Nx-Os 5.2(1)Sv3(4.1A) A vulnerability in the Secure Login Enhancements capability of Cisco Nexus 1000V Switch for VMware vSphere could allow an unauthenticated, remote attacker to cause an affected Nexus 1000V Virtual Supervisor Module (VSM) to become inaccessible to users through the CLI. | 7.5 |
| 2020-02-24 | CVE-2020-9369 | Resource Exhaustion vulnerability in multiple products Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters. | 7.5 |
| 2020-02-24 | CVE-2012-0785 | Resource Exhaustion vulnerability in multiple products Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack." | 7.5 |
| 2020-02-20 | CVE-2015-4411 | Resource Exhaustion vulnerability in multiple products The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted string. | 7.5 |