Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2018-20169 | Resource Exhaustion vulnerability in multiple products An issue was discovered in the Linux kernel before 4.19.9. | 6.8 |
| 2018-12-14 | CVE-2018-6707 | Resource Exhaustion vulnerability in Mcafee Agent Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism. | 7.0 |
| 2018-12-13 | CVE-2018-13815 | Resource Exhaustion vulnerability in Siemens Simatic S7-1200 Firmware and Simatic S7-1500 Firmware A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). | 7.5 |
| 2018-12-06 | CVE-2018-19881 | Resource Exhaustion vulnerability in Artifex Mupdf 1.14.0 In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. | 5.5 |
| 2018-12-04 | CVE-2018-17159 | Resource Exhaustion vulnerability in Freebsd In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. | 7.5 |
| 2018-12-04 | CVE-2018-19838 | Resource Exhaustion vulnerability in Sass-Lang Libsass In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENT_AST_OPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone(), cloneChildren(), and copy(). | 6.5 |
| 2018-12-04 | CVE-2018-19837 | Resource Exhaustion vulnerability in Sass-Lang Libsass In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Expression*) inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of '%' as a modulo operator in parser.cpp. | 6.5 |
| 2018-11-28 | CVE-2018-12122 | Resource Exhaustion vulnerability in multiple products Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. | 7.5 |
| 2018-11-28 | CVE-2018-12121 | Resource Exhaustion vulnerability in multiple products Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. | 7.5 |
| 2018-11-28 | CVE-2018-16853 | Resource Exhaustion vulnerability in Samba Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. | 5.9 |