CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2019-12658 HIGH
Cisco IOS XE - Unauthenticated Denial of Service via Filesystem Resource Exhaustion
CVSS 7.5
CVE-2019-9717 MEDIUM
libav < 12.3 - Denial of Service via Matroska Subtitle Decoder
CVSS 6.5
CVE-2019-4183 HIGH
IBM Cognos Analytics 11.0 and 11.1 - Denial of Service via Crafted Requests
CVSS 7.5
CVE-2019-1967 HIGH
Cisco NX-OS - Unauthenticated Denial of Service via MODE_PRIVATE NTP Packet Flood
CVSS 7.5
CVE-2019-11060 HIGH
ASUS HG100 Firmware < 1.05.12 - Unauthenticated Denial of Service via Slowloris HTTP Attack
CVSS 7.5
CVE-2019-1965 HIGH
Cisco NX-OS 5.2-6.2(29) - Authenticated Denial of Service via VSH Session Management
CVSS 7.7
CVE-2019-15549 HIGH
asn1_der < 0.6.2 - Denial of Service via Length Field Memory Exhaustion
CVSS 7.5
CVE-2019-15538 HIGH
Opensuse Leap < 4.9.191 - Denial of Service
CVSS 7.5
CVE-2019-10750 CRITICAL
deeply < 3.1.0 - Prototype Pollution via _proto_ Payload
CVSS 9.8
CVE-2019-10747 CRITICAL
set-value < 2.0.1 - Prototype Pollution via mixin-deep Function
CVSS 9.8
CVE-2019-4049 MEDIUM
IBM MQ 9.1.0.0-9.1.1 - Denial of Service via Error Logging Service
CVSS 5.5
CVE-2019-9583 HIGH
eQ-3 Homematic CCU2 and CCU3 - Unauthenticated Denial of Service via Session ID Obtainment
CVSS 8.2
CVE-2019-9518 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood
CVSS 7.5
CVE-2019-9517 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation
CVSS 7.5
CVE-2019-9516 MEDIUM
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak
CVSS 6.5
CVE-2019-9515 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood
CVSS 7.5
CVE-2019-9514 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood
CVSS 7.5
CVE-2019-9513 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation
CVSS 7.5
CVE-2019-9512 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood
CVSS 7.5
CVE-2019-9511 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation
CVSS 7.5
CVE-2019-10942 HIGH
SCALANCE X-200 Firmware < V5.2.5, X-200IRT Firmware < V5.5.0, X204RNA - Denial of Service via Telnet Service
CVSS 8.6
CVE-2019-14233 HIGH
Django <1.11.23, <2.1.11, <2.2.4 - Info Disclosure
CVSS 7.5
CVE-2019-14232 HIGH
Django <1.11.23, 2.1.x <2.1.11, 2.2.x <2.2.4 - RCE
CVSS 7.5
CVE-2019-10162 HIGH
PowerDNS Authoritative Server <4.1.10, 4.0.8 - DoS
CVSS 7.5
CVE-2019-13655 MEDIUM
imgix/imgix < 2019-06-19 - Denial of Service via Malformed JPEG Dimensions
CVSS 6.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits