Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CVEs (3,097)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-42849 1Silverpeas 1Silverpeas Jun 5, 2025 Aug 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function.
CVE-2024-42981 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42980 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVE-2024-42969 1Tenda 1Fh1206 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST req...Show more Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the page parameter in the fromSafeUrlFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42951 1Tenda 1Fh1201 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft...Show more Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the mit_pptpusrpw parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42950 1Tenda 1Fh1201 Firmware Aug 21, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST...Show more Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the Go parameter in the fromSafeClientFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-42943 1Tenda 1Fh1201 Firmware Aug 16, 2024 Aug 15, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted...Show more Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.Show less
CVE-2024-41727 1F5 21Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Advanced Web Application Firewall+18 more Aug 20, 2024 Aug 14, 2024 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versi...Show more In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Show less
CVE-2024-7567 - - Aug 14, 2024 Aug 13, 2024 6.9 MEDIUM· v4 N/A· v3 N/A· v2 A denial-of-service vulnerability exists via the CIP/Modbus port in the Rockwell Automation Micro850/870 (2080 -L50E/2080 -L70E). If exploited, the CIP/Modbus communication may be disrupted for short duration.
CVE-2024-38168 1Microsoft 2.net Visual Studio 2022 Aug 16, 2024 Aug 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 .NET and Visual Studio Denial of Service Vulnerability
CVE-2023-31348 1Amd 1Uprof Dec 12, 2024 Aug 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A DLL hijacking vulnerability in AMD μProf could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
CVE-2024-42481 1Skyport 1Skyportd Sep 16, 2024 Aug 12, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100%...Show more Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2.Show less
CVE-2024-0115 1Nvidia 1Cv Cuda Dec 26, 2024 Aug 12, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful...Show more NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack contains a vulnerability in Python APIs where a user may cause an uncontrolled resource consumption issue by a long running CV-CUDA Python process. A successful exploit of this vulnerability may lead to denial of service and data loss.Show less
CVE-2024-7610 1Gitlab 1Gitlab Aug 29, 2024 Aug 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause cat...Show more A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch.Show less
CVE-2024-5423 1Gitlab 1Gitlab Aug 29, 2024 Aug 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which a...Show more Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline.Show less
CVE-2024-4210 1Gitlab 1Gitlab Aug 23, 2024 Aug 8, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a d...Show more A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a denial of service using crafted adoc files.Show less
CVE-2024-41989 1Djangoproject 1Django Nov 4, 2025 Aug 7, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation...Show more An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.Show less
CVE-2024-42399 2Arubanetworks Hp 2Arubaos Instantos Mar 13, 2025 Aug 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal...Show more Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.Show less
CVE-2024-42398 2Arubanetworks Hp 2Arubaos Instantos Mar 24, 2025 Aug 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal...Show more Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.Show less
CVE-2024-42397 1Hp 1Instantos Mar 19, 2025 Aug 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to in...Show more Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.Show less

Previous 1...505152...155 Next