Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-20 | CVE-2020-5668 | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet | 7.5 |
| 2020-11-19 | CVE-2020-8277 | Resource Exhaustion vulnerability in multiple products A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. | 7.5 |
| 2020-11-17 | CVE-2020-13349 | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 8.12. | 4.3 |
| 2020-11-17 | CVE-2020-13354 | Resource Exhaustion vulnerability in Gitlab A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 12.6. | 4.3 |
| 2020-11-16 | CVE-2020-5666 | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may lead to a denial-of-service (DoS) condition in execution of the program and its communication. | 7.5 |
| 2020-11-12 | CVE-2020-15783 | Resource Exhaustion vulnerability in Siemens products A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. | 7.5 |
| 2020-11-12 | CVE-2020-24573 | Resource Exhaustion vulnerability in Bab-Technologie Eibport Firmware 3.8.2 BAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled Resource Consumption) via requests to the lighttpd component. | 7.5 |
| 2020-11-11 | CVE-2020-7767 | Resource Exhaustion vulnerability in Express-Validators Project Express-Validators All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls. | 5.3 |
| 2020-11-10 | CVE-2020-0441 | Resource Exhaustion vulnerability in Google Android In Message and toBundle of Notification.java, there is a possible resource exhaustion due to improper input validation. | 7.5 |
| 2020-11-02 | CVE-2020-5652 | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' and earlier, Q 04/06/13/26 UDPVCPU serial number '22031' and earlier, Q 172/173 DCPU all versions, Q 172/173 DSCPU all versions, Q 170 MCPU all versions, Q 170 MSCPU all versions, L 02/06/26 CPU (-P) and L 26 CPU - (P) BT all versions) allows a remote unauthenticated attacker to stop the Ethernet communication functions of the products via a specially crafted packet, which may lead to a denial of service (DoS) condition . | 7.5 |