Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3559 | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
| 2020-09-24 | CVE-2020-3508 | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. | 7.4 |
| 2020-09-18 | CVE-2020-8251 | Resource Exhaustion vulnerability in multiple products Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections. | 7.5 |
| 2020-09-18 | CVE-2020-8246 | Resource Exhaustion vulnerability in Citrix products Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network. | 7.5 |
| 2020-09-18 | CVE-2020-8237 | Resource Exhaustion vulnerability in Json-Bigint Project Json-Bigint Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack. | 7.5 |
| 2020-09-16 | CVE-2020-7733 | Resource Exhaustion vulnerability in multiple products The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA. | 7.5 |
| 2020-09-11 | CVE-2020-15166 | Resource Exhaustion vulnerability in multiple products In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. | 7.5 |
| 2020-09-10 | CVE-2018-17145 | Resource Exhaustion vulnerability in multiple products Bitcoin Core 0.16.x before 0.16.2 and Bitcoin Knots 0.16.x before 0.16.2 allow remote denial of service via a flood of multiple transaction inv messages with random hashes, aka INVDoS. | 7.5 |
| 2020-09-09 | CVE-2020-2039 | Resource Exhaustion vulnerability in Paloaltonetworks Pan-Os An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. | 5.3 |
| 2020-09-01 | CVE-2019-5645 | Resource Exhaustion vulnerability in Rapid7 Metasploit By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression. | 7.5 |