CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2018-10193 HIGH
LastPass < 4.15.0 - Denial of Service via Input Element Resource Consumption
CVSS 7.5
CVE-2018-10070 HIGH
MikroTik Router Firmware 6.41.4 - Unauthenticated Denial of Service via Malformed FTP Request
CVSS 7.5
CVE-2018-0022 HIGH
Junos OS - Denial of Service via MPLS Packet Processing in VPLS Routing-Instances
CVSS 7.5
CVE-2018-8777 HIGH
Ruby < 2.2.10, 2.3.x < 2.3.7, 2.4.x < 2.4.4, 2.5.x < 2.5.1, 2.6.0-preview1 - Denial of Service via Crafted HTTP Request
CVSS 7.5
CVE-2018-4100 HIGH
iPhone OS < 11.2.5, macOS < 10.13.3, watchOS < 4.2.2 - Denial of Service via LinkPresentation Text Message
CVSS 7.5
CVE-2018-1064 HIGH
Debian Linux < 4.1.0 - Denial of Service
CVSS 7.5
CVE-2018-7876 MEDIUM
libming 0.4.8 - Denial of Service via parseSWF_ACTIONRECORD Memory Exhaustion
CVSS 6.5
CVE-2018-1000115 HIGH
memcached 1.5.5 - Denial of Service via UDP Traffic Amplification
CVSS 7.5
CVE-2018-7651 MEDIUM
ssri < 5.2.2 - Denial of Service via Long Base64 Hash String
CVSS 5.9
CVE-2018-7048 HIGH
Wowza Streaming Engine < 4.7.1 - Denial of Service via Memory Consumption
CVSS 7.5
CVE-2018-5501 MEDIUM
F5 BIG-IP <13.0.0, 12.1.0-12.1.3.1, 11.6.x, 11.5.x, 11.2.1 - DoS
CVSS 5.9
CVE-2018-5500 MEDIUM
F5 BIG-IP <13.0.0, 12.1.3.1, 11.6.2 - Memory Corruption
CVSS 5.9
CVE-2018-7540 MEDIUM
Xen < 4.10.0 - Denial of Service via Non-Preemptable L3/L4 Pagetable Freeing
CVSS 6.5
CVE-2018-6532 HIGH
Icinga 2.0.0-2.8.0 - Unauthenticated Denial of Service via Memory Exhaustion
CVSS 7.5
CVE-2018-6389 HIGH
WordPress < 4.9.2 - Unauthenticated Denial of Service via Repeated JavaScript File Loading
CVSS 7.5
CVE-2018-6616 MEDIUM
OpenJPEG 2.3.0 - Denial of Service via Crafted BMP File
CVSS 5.5
CVE-2018-6352 MEDIUM
PoDoFo 0.9.5 - Denial of Service via Excessive Iteration in PdfParser
CVSS 5.5
CVE-2018-5954 HIGH
phpfreechat < 1.7 - Denial of Service via Excessive Connect Commands
CVSS 7.5
CVE-2018-5748 HIGH
libvirt - Denial of Service via Large QEMU Reply
CVSS 7.5
CVE-2018-4837 HIGH
TeleControl Server Basic < 3.1 - Denial of Service via Web Server
CVSS 7.5
CVE-2018-5784 MEDIUM
libtiff - Denial of Service via Crafted TIFF File
CVSS 6.5
CVE-2018-0094 HIGH
Cisco Unified Computing System Central Software - Unauthenticated Denial of Service via IPv6 Ingress Packet Flood
CVSS 7.5
CVE-2018-0090 HIGH
Cisco NX-OS - Unauthenticated Denial of Service via Management Interface ACL Bypass
CVSS 7.5
CVE-2018-0086 HIGH
Cisco Unified Customer Voice Portal < 11.5 - Unauthenticated Denial of Service via Malformed SIP INVITE Traffic
CVSS 8.6
CVE-2018-0004 MEDIUM
Junos OS Multiple Versions - Unauthenticated Denial of Service via Sustained Transit Traffic
CVSS 6.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits