CWE-400
High likelihoodUncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
3,152 vulnerabilities with CWE-400
CVE-2017-2535
HIGH
macOS < 10.12.4 - Sandbox Escape and Denial of Service via Crafted App
CVSS 7.8
CVE-2017-6632
HIGH
Cisco FirePOWER System Software 5.3.0-6.2.2 - Unauthenticated Denial of Service via Crafted TCP Packet Flood
CVSS 7.5
CVE-2017-9119
CRITICAL
PHP 7.1.5 - Denial of Service via Crafted Array Operations
CVSS 9.8
CVE-2017-7935
HIGH
Phoenix Contact GmbH mGuard firmware 8.3.0-8.4.2 - Resource Exhaustion via VPN Requests
CVSS 7.5
CVE-2017-8338
HIGH
MikroTik RouterOS 6.38.5 - Unauthenticated Denial of Service via UDP Flood on Port 500
CVSS 7.5
CVE-2017-2681
MEDIUM
SIMATIC CP 343-1 STD Firmware < 3.1.3 - Denial of Service via PROFINET DCP Packet
CVSS 6.5
CVE-2017-2680
MEDIUM
SIMATIC CP 343-1/443-1/1243-1, CM 1542-1, CP 1542SP-1/1543SP-1/1543-1, RF650R DoS via PROFINET DCP
CVSS 6.5
CVE-2017-6024
MEDIUM
Rockwell Automation ControlLogix 5580 and CompactLogix 5380 - Denial of Service via CIP Command Flood
CVSS 5.9
CVE-2017-8327
MEDIUM
ImageWorsener < 1.3.0 - Denial of Service via BMP Image Parsing
CVSS 6.5
CVE-2017-2322
MEDIUM
Juniper Networks NorthStar Controller <2.1.0-SP1 - DoS
CVSS 5.5
CVE-2017-1000359
MEDIUM
OpenDaylight odl-mdsal-xsql <4.0 - Memory Corruption
CVSS 5.3
CVE-2017-1000357
HIGH
OpenDaylight 3.3-4.4 - Denial of Service via OpenFlow Packet Rejection
CVSS 7.5
CVE-2017-2333
MEDIUM
Juniper Networks NorthStar Controller <2.1.0 SP1 - DoS
CVSS 6.5
CVE-2017-2327
MEDIUM
Juniper Networks NorthStar Controller <2.1.0-SP1 - DoS
CVSS 5.5
CVE-2017-3793
MEDIUM
Cisco ASA 8.0-8.7, 9.0-9.6 DoS via TCP Normalizer Queue Exhaustion
CVSS 4.0
CVE-2017-7940
MEDIUM
ImageWorsener 1.3.0 - Uncontrolled Resource Consumption via Crafted GIF File
CVSS 5.5
CVE-2017-6019
HIGH
Schneider Electric Conext ComBox 865-1058 Firmware < 3.03 - Denial of Service via Rapid Requests
CVSS 7.5
CVE-2017-3885
MEDIUM
Cisco Firepower System Software <6.2.1 - DoS
CVSS 5.9
CVE-2017-7397
HIGH
BackBox Linux 4.6 - Denial of Service via Martian Source IP Packet Flood
CVSS 7.5
CVE-2017-2461
HIGH
iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Denial of Service in CoreText
CVSS 7.5
CVE-2017-7285
HIGH
MikroTik RouterOS 6.38.5 - Unauthenticated Denial of Service via TCP RST Packet Flood
CVSS 7.5
CVE-2017-3857
HIGH
Cisco IOS 12.0-12.4 and 15.0-15.6 and IOS XE 3.1-3.18 - Unauthenticated Denial of Service via L2TP Packet Parsing
CVSS 7.5
CVE-2017-3856
HIGH
Cisco IOS XE 3.1-3.17 - Unauthenticated Denial of Service via Web UI High Load
CVSS 7.5
CVE-2017-6444
HIGH
MikroTik RouterOS 6.25 - Denial of Service via Unsolicited TCP ACK Packets
CVSS 7.5
CVE-2017-6552
HIGH
Sagemcom Livebox 3 SG30_sip-fr-5.15.8.1 - Denial of Service via IPv6 Routing Table Exhaustion
CVSS 7.5
Details
Vulnerabilities
3,152
Exploit Likelihood
High