Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-35909 | Resource Exhaustion vulnerability in Ninjaforms Ninja Forms Uncontrolled Resource Consumption vulnerability in Saturday Drive Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress leading to DoS.This issue affects Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress: from n/a through 3.6.25. | 5.3 |
| 2023-12-07 | CVE-2023-48831 | Resource Exhaustion vulnerability in PHPjabbers Availability Booking Calendar 5.0 A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48833 | Resource Exhaustion vulnerability in PHPjabbers Time Slots Booking Calendar 4.0 A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48834 | Resource Exhaustion vulnerability in PHPjabbers CAR Rental Script 3.0 A lack of rate limiting in pjActionAjaxSend in Car Rental v3.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-07 | CVE-2023-48840 | Resource Exhaustion vulnerability in PHPjabbers Appointment Scheduler 3.0 A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion. | 7.5 |
| 2023-12-05 | CVE-2023-49290 | Resource Exhaustion vulnerability in Lestrrat-Go JWX lestrrat-go/jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. | 5.3 |
| 2023-12-04 | CVE-2023-40692 | Resource Exhaustion vulnerability in IBM DB2 10.5/11.1/11.5 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. | 7.5 |
| 2023-11-27 | CVE-2023-40703 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to properly limit the characters allowed in different fields of a block in Mattermost Boards allowing a attacker to consume excessive resources, possibly leading to Denial of Service, by patching the field of a block using a specially crafted string. | 7.5 |
| 2023-11-27 | CVE-2023-48268 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to limit the amount of data extracted from compressed archives during board import in Mattermost Boards allowing an attacker to consume excessive resources, possibly leading to Denial of Service, by importing a board using a specially crafted zip (zip bomb). | 7.5 |
| 2023-11-27 | CVE-2023-48369 | Resource Exhaustion vulnerability in Mattermost Mattermost fails to limit the log size of server logs allowing an attacker sending specially crafted requests to different endpoints to potentially overflow the log. | 5.3 |