Vulnerabilities > Uncontrolled Resource Consumption ('Resource Exhaustion')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-14 | CVE-2016-3104 | Resource Exhaustion vulnerability in Mongodb 2.4.0/2.6.0 mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database. | 7.5 |
| 2017-04-07 | CVE-2017-6019 | Resource Exhaustion vulnerability in Schneider-Electric Conext Combox 865-1058 Firmware 3.03 An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. | 7.5 |
| 2017-04-07 | CVE-2017-3885 | Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. | 5.9 |
| 2017-04-03 | CVE-2017-7397 | Resource Exhaustion vulnerability in Backbox Linux 4.6 BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). | 7.5 |
| 2017-04-02 | CVE-2016-8780 | Resource Exhaustion vulnerability in Huawei products Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition. | 6.5 |
| 2017-04-02 | CVE-2017-2461 | Resource Exhaustion vulnerability in Apple products An issue was discovered in certain Apple products. | 7.5 |
| 2017-03-29 | CVE-2017-7285 | Resource Exhaustion vulnerability in Mikrotik Routeros 6.38.5 A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | 7.5 |
| 2017-03-24 | CVE-2016-2225 | Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet. | 7.5 |
| 2017-03-24 | CVE-2016-2224 | Resource Exhaustion vulnerability in Uclibc-Ng Project Uclibc-Ng The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compressed items in a reply. | 7.5 |
| 2017-03-23 | CVE-2016-10058 | Resource Exhaustion vulnerability in Imagemagick Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file. | 5.5 |