Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2019-09-17 CVE-2019-4183 Resource Exhaustion vulnerability in multiple products
IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of service attack that could allow a remote user to send specially crafted requests that would consume all available CPU and memory resources.
network
low complexity
ibm netapp CWE-400
7.5
2019-08-30 CVE-2019-1967 Resource Exhaustion vulnerability in Cisco Nx-Os
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-400
7.5
2019-08-26 CVE-2019-15549 Resource Exhaustion vulnerability in Asn1 DER Project Asn1 DER
An issue was discovered in the asn1_der crate before 0.6.2 for Rust.
network
low complexity
asn1-der-project CWE-400
7.5
2019-08-25 CVE-2019-15538 Resource Exhaustion vulnerability in multiple products
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9.
7.5
2019-08-23 CVE-2019-10750 Resource Exhaustion vulnerability in Deeply Project Deeply
deeply is vulnerable to Prototype Pollution in versions before 3.1.0.
network
low complexity
deeply-project CWE-400
critical
9.8
2019-08-23 CVE-2019-10747 Resource Exhaustion vulnerability in Set-Value Project Set-Value
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1.
network
low complexity
set-value-project CWE-400
critical
9.8
2019-08-20 CVE-2019-4049 Resource Exhaustion vulnerability in IBM MQ
IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial of service due to a local user being able to fill up the disk space of the underlying filesystem using the error logging service.
local
low complexity
ibm CWE-400
5.5
2019-08-14 CVE-2019-9583 Resource Exhaustion vulnerability in Eq-3 Homematic Ccu2 Firmware and Homematic Ccu3 Firmware
eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login.
network
low complexity
eq-3 CWE-400
8.2
2019-08-13 CVE-2019-9512 Resource Exhaustion vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service.
network
low complexity
apple apache debian nodejs CWE-400
7.5
2019-08-02 CVE-2019-14233 Resource Exhaustion vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject opensuse CWE-400
7.5