Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2019-04-10 | CVE-2019-0199 | Resource Exhaustion vulnerability in Apache Tomcat | The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. | network | low complexity | apache | CWE-400 | 7.5 |
| 2019-04-04 | CVE-2018-19282 | Resource Exhaustion vulnerability in Rockwellautomation Powerflex 525 AC Drives Firmware 5.001 | Rockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a denial of service by crashing the Common Industrial Protocol (CIP) network stack. | network | low complexity | rockwellautomation | CWE-400 | critical 9.8 |
| 2019-04-03 | CVE-2018-4409 | Resource Exhaustion vulnerability in Apple products | A resource exhaustion issue was addressed with improved input validation. | network | low complexity | apple | CWE-400 | 6.5 |
| 2019-04-02 | CVE-2019-4080 | Resource Exhaustion vulnerability in IBM Websphere Application Server | IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. | network | low complexity | ibm | CWE-400 | 6.5 |
| 2019-04-01 | CVE-2018-3979 | Resource Exhaustion vulnerability in multiple products | A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. | network | low complexity | canonical, nvidia | CWE-400 | 6.5 |
| 2019-04-01 | CVE-2018-13296 | Resource Exhaustion vulnerability in Synology Mailplus Server | Uncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation. | network | low complexity | synology | CWE-400 | 7.5 |
| 2019-03-25 | CVE-2019-4046 | Resource Exhaustion vulnerability in IBM Websphere Application Server | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. | network | low complexity | ibm | CWE-400 | 7.5 |
| 2019-03-25 | CVE-2019-3874 | Resource Exhaustion vulnerability in multiple products | The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. | | | | | 6.5 |
| 2019-03-21 | CVE-2018-19158 | Resource Exhaustion vulnerability in Colossusxt Colossuscoinxt | ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. | network | low complexity | colossusxt | CWE-400 | 7.5 |
| 2019-03-21 | CVE-2018-18898 | Resource Exhaustion vulnerability in multiple products | The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | | | | | 7.5 |