Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-05 | CVE-2019-6559 | Resource Exhaustion vulnerability in Moxa products Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash. | 6.5 |
| 2019-02-20 | CVE-2018-5819 | Resource Exhaustion vulnerability in multiple products An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. | 7.5 |
| 2019-02-20 | CVE-2018-20030 | Resource Exhaustion vulnerability in Libexif Project Libexif 0.6.21 An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources. | 7.5 |
| 2019-02-18 | CVE-2019-8909 | Resource Exhaustion vulnerability in Wtcms Project Wtcms 1.0 An issue was discovered in WTCMS 1.0. | 7.5 |
| 2019-02-08 | CVE-2019-1672 | Resource Exhaustion vulnerability in Cisco web Security Appliance 10.1.0204/10.5.2072/11.5.1Fcs115 A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. | 5.8 |
| 2019-02-05 | CVE-2019-6535 | Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. | 7.5 |
| 2019-01-30 | CVE-2018-17189 | Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. | 5.3 |
| 2019-01-28 | CVE-2019-6986 | Resource Exhaustion vulnerability in Duraspace Vitro 1.10.0 SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request. | 7.5 |
| 2019-01-16 | CVE-2017-3144 | Resource Exhaustion vulnerability in multiple products A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. | 7.5 |
| 2019-01-16 | CVE-2017-3140 | Resource Exhaustion vulnerability in multiple products If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. | 5.9 |