Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')

DATE CVE VULNERABILITY TITLE RISK
2017-10-04 CVE-2017-15010 Resource Exhaustion vulnerability in Salesforce Tough-Cookie
A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js.
network
low complexity
salesforce CWE-400
7.5
2017-10-03 CVE-2017-14988 Resource Exhaustion vulnerability in Openexr 2.2.0
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp.
local
low complexity
openexr CWE-400
5.5
2017-09-26 CVE-2015-3248 Resource Exhaustion vulnerability in Openhpi 3.5.0
openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk consumption).
local
high complexity
openhpi CWE-400
4.7
2017-09-21 CVE-2017-8247 Resource Exhaustion vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once.
local
low complexity
google CWE-400
7.8
2017-09-20 CVE-2017-14616 Resource Exhaustion vulnerability in Watchguard Fireware
An FBX-5312 issue was discovered in WatchGuard Fireware before 12.0.
network
low complexity
watchguard CWE-400
7.5
2017-09-12 CVE-2017-14342 Resource Exhaustion vulnerability in multiple products
ImageMagick 7.0.6-6 has a memory exhaustion vulnerability in ReadWPGImage in coders/wpg.c via a crafted wpg image file.
network
low complexity
imagemagick canonical CWE-400
6.5
2017-09-12 CVE-2017-14341 Resource Exhaustion vulnerability in multiple products
ImageMagick 7.0.6-6 has a large loop vulnerability in ReadWPGImage in coders/wpg.c, causing CPU exhaustion via a crafted wpg image file.
network
low complexity
imagemagick debian canonical CWE-400
6.5
2017-09-09 CVE-2017-14223 Resource Exhaustion vulnerability in multiple products
In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption.
network
low complexity
ffmpeg debian CWE-400
6.5
2017-09-07 CVE-2013-7428 Resource Exhaustion vulnerability in Mapsplugin Googlemaps 3.0
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to cause a denial of service via the url parameter to plugin_googlemap2_proxy.php.
network
low complexity
mapsplugin CWE-400
7.5
2017-09-05 CVE-2017-14158 Resource Exhaustion vulnerability in Scrapy 1.4
Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by interaction between dataReceived (in core/downloader/handlers/http11.py) and S3FilesStore.
network
low complexity
scrapy CWE-400
7.5