CWE-400
3,097 CVEs • Abstraction: Class • Likelihood of Exploit: High
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVEs (3,097)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
GitLab 12.2.3 contains a security vulnerability that allows a user to affect the availability of the service through a Denial of Service attack in Issue Comments. |
2Python Redhat3Enterprise Linux Enterprise Virtualization HypervisorPyxmlNov 21, 2024 Nov 22, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 PyXML: Hash table collisions CPU usage Denial of Service |
1F5 1Big Ip Access Policy Manager Nov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.4.1, or 11.5.1-11.6.5 system processes certain requests, the APD/APMD daemon may consume excessive resources. |
1F5 13Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+10 moreNov 21, 2024 Nov 15, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed HTTP requests may consume excessive amounts of systems resources which may lead to a denial of service. |
1Mitsubishielectric 10L02/06/26cpu Cm Firmware L02/06/26cpu P FirmwareL02/06/26cpu Firmware+7 moreNov 21, 2024 Nov 13, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial number 21081 and prior, Q04/06/13/26UDPVCPU: serial number 21081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 21081 and pr...Show more |
1Hitachi 5Device Manager Infrastructure Analytics AdvisorReplication Manager+2 moreNov 21, 2024 Nov 12, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 allows an unauthenticated remote user to trigger a denial of service (DoS) condition because of Uncontrolled Resource Consumption. |
2Debian Openstack2Debian Linux KeystoneNov 21, 2024 Nov 12, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space |
3Debian FedoraprojectOpenttd3Debian Linux FedoraOpenttdNov 21, 2024 Nov 7, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. |
1Qualcomm 27Mdm9206 Firmware Mdm9607 FirmwareMsm8909w Firmware+24 moreNov 21, 2024 Nov 6, 2019 N/A· v4 6.5 MEDIUM· v3 5.0 MEDIUM· v2 Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wea...Show more |
The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin. |
CloakCoin through 2.2.2.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends inva...Show more |
peercoin through 0.6.4 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid...Show more |
neblio through 1.5.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid h...Show more |
reddcoin through 2.1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends inval...Show more |
stratisX through 2.0.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends inval...Show more |
Divi through 4.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid hea...Show more |
alqo through 4.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid heade...Show more |
Diamond through 3.0.1.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invali...Show more |
lux through 5.2.2 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid head...Show more |
Phore through 1.3.3.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid...Show more |