Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2023-09-18 CVE-2023-42526 Resource Exhaustion vulnerability in Withsecure products
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files.
network
low complexity
withsecure CWE-400
7.5
2023-09-14 CVE-2023-29499 Resource Exhaustion vulnerability in Gnome Glib
A flaw was found in GLib.
network
low complexity
gnome CWE-400
7.5
2023-09-14 CVE-2023-32611 Resource Exhaustion vulnerability in Gnome Glib
A flaw was found in GLib.
local
low complexity
gnome CWE-400
5.5
2023-09-12 CVE-2022-48474 Resource Exhaustion vulnerability in CBM Control DE Ciber 1.650
Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the version function.
network
low complexity
cbm CWE-400
7.5
2023-09-12 CVE-2022-4896 Resource Exhaustion vulnerability in CBM Control DE Ciber 1.650
Cyber Control, in its 1.650 version, is affected by a vulnerability in the generation on the server of pop-up windows with the messages "PNTMEDIDAS", "PEDIR", "HAYDISCOA" or "SPOOLER".
network
low complexity
cbm CWE-400
7.5
2023-09-06 CVE-2023-28188 Resource Exhaustion vulnerability in Apple Macos
A denial-of-service issue was addressed with improved input validation.
network
low complexity
apple CWE-400
6.5
2023-08-31 CVE-2023-4162 Resource Exhaustion vulnerability in Brocade Fabric Operating System 9.0.1E/9.1.1
A segmentation fault can occur in Brocade Fabric OS after Brocade Fabric OS v9.0 and before Brocade Fabric OS v9.2.0a through the passwdcfg command.
local
low complexity
brocade CWE-400
4.4
2023-08-24 CVE-2023-4418 Resource Exhaustion vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DDoS) attack.
network
low complexity
sick CWE-400
7.5
2023-08-24 CVE-2023-40709 Resource Exhaustion vulnerability in Opto22 Snap PAC S1 Firmware R10.3B
An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b
network
low complexity
opto22 CWE-400
7.5
2023-08-24 CVE-2023-40710 Resource Exhaustion vulnerability in Opto22 Snap PAC S1 Firmware R10.3B
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b
network
low complexity
opto22 CWE-400
7.5