CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2017-3768 HIGH
Lenovo/IBM System x <4.4/<6.4 - DoS
CVSS 7.5
CVE-2017-15132 HIGH
dovecot 2.0-2.2.33 - Memory Leak via SASL Authentication Abort
CVSS 7.5
CVE-2017-13211 HIGH
Android 8.0 - Uncontrolled Resource Consumption via BLE Scan Results
CVSS 7.5
CVE-2017-1000476 MEDIUM
ImageMagick 7.0.7-12 Q16 - Denial of Service in ReadDDSInfo
CVSS 6.5
CVE-2017-17901 HIGH
ZyXEL P-660HW v3 - Denial of Service via TTL Expiry Packet Flood
CVSS 7.5
CVE-2017-12741 HIGH
SIMATIC S7-200 Firmware < 2.03.01 - Denial of Service via Crafted UDP Packets
CVSS 7.5
CVE-2017-17682 MEDIUM
ImageMagick 7.0.7-12 - Denial of Service via Crafted WPG Image File
CVSS 6.5
CVE-2017-15529 MEDIUM
Norton Family Android App < 4.4.1.10 - Denial of Service
CVSS 6.2
CVE-2017-4920 MEDIUM
VMware NSX-V Edge <6.2.8-6.3.3 - DoS
CVSS 5.9
CVE-2017-17051 HIGH
OpenStack Nova 16.0.3 - Authenticated Denial of Service via Repeated Instance Rebuild
CVSS 8.6
CVE-2017-15701 HIGH
Apache Qpid Broker-J 6.1.0-6.1.4 - Unauthenticated Denial of Service via AMQP 1.0 Frame Size Exhaustion
CVSS 7.5
CVE-2017-2734 MEDIUM
Huawei P9 Plus Firmware < VIE-AL10BC00B386 - Denial of Service via Malicious Application Memory Exhaustion
CVSS 5.5
CVE-2017-2690 MEDIUM
Huawei SoftCo and eSpace U1910/U1911/U1930/U1960/U1980/U1981 - Denial of Service via Malicious File Upload
CVSS 5.5
CVE-2017-12190 MEDIUM
Linux kernel <4.13.8 - Memory Corruption
CVSS 6.5
CVE-2017-1000191 HIGH
Jool 3.5.0-3.5.1 - Denial of Service via Kernel Crashing Packet
CVSS 7.5
CVE-2017-14028 HIGH
Moxa NPort <3.7 - Memory Corruption
CVSS 7.5
CVE-2017-12318 HIGH
Cisco RF Gateway 1 - Unauthenticated Denial of Service via TCP Connection Exhaustion
CVSS 7.5
CVE-2017-7132 HIGH
macOS < 10.13.1 - Remote Code Execution or Denial of Service via Quick Look Office Document Handling
CVSS 7.8
CVE-2017-13825 HIGH
macOS < 10.13.1 - Remote Code Execution or Denial of Service via Crafted Font File
CVSS 7.8
CVE-2017-14360 MEDIUM
HPE Content Manager Workgroup Service <9.00 - DoS
CVSS 5.9
CVE-2017-2889 HIGH
Circle with Disney Firmware 2.0.1 - Denial of Service via TCP Connection Flood
CVSS 7.5
CVE-2017-2884 HIGH
Circle with Disney Firmware 2.0.1 - Uncontrolled Resource Consumption via User Photo Update API
CVSS 7.5
CVE-2017-6161 MEDIUM
F5 BIG-IP 11.2.1, 11.4.0-11.5.4, 11.6.0-11.6.1, 12.0.0-12.1.2 DoS via ConfigSync
CVSS 5.3
CVE-2017-15882 HIGH
Private Internet Access < 1.3.3.1 - Denial of Service via Large VPN Server-List File
CVSS 7.5
CVE-2017-7086 HIGH
iPhone OS < 10.3.3, macOS < 10.12.6, tvOS < 10.2.2, watchOS < 3.2.3 - Denial of Service via glob Function
CVSS 7.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits