CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2016-6307 MEDIUM
OpenSSL 1.1.0 - Denial of Service via Excessive TLS Message Length
CVSS 5.9
CVE-2016-6172 MEDIUM
PowerDNS <4.0.1 - DoS
CVSS 6.8
CVE-2016-5403 MEDIUM
Canonical Ubuntu Linux < 2.6.0 - Denial of Service
CVSS 5.5
CVE-2016-4592 MEDIUM
WebKit - Denial of Service via Memory Consumption
CVSS 6.5
CVE-2016-4037 MEDIUM
QEMU - Denial of Service
CVSS 6.0
CVE-2016-1784 MEDIUM
Safari < 9.1 - Denial of Service via Crafted Web Site
CVSS 6.5
CVE-2016-0747 MEDIUM
nginx < 1.8.1 and 1.9.x < 1.9.10 - Denial of Service via Uncontrolled CNAME Resolution
CVSS 5.3
CVE-2015-9548 HIGH
Mattermost Server < 1.2.0 - Denial of Service via Compressed File Decompression
CVSS 7.5
CVE-2015-4411 HIGH
mongodb/bson < 3.0.4 - Denial of Service via Crafted String in ObjectId.legal?
CVSS 7.5
CVE-2015-5333 HIGH
LibreSSL < 2.3.1 - Denial of Service via ASN.1 Object Identifier Memory Leak
CVSS 7.5
CVE-2015-9239 HIGH
ansi2html - Regular Expression Denial of Service via User Input
CVSS 7.5
CVE-2015-9242 HIGH
ecstatic < 1.4.0 - Denial of Service via If-Modified-Since Header
CVSS 7.5
CVE-2015-9241 HIGH
hapi < 11.1.3 - Denial of Service via If-Modified-Since or Last-Modified Header
CVSS 7.5
CVE-2015-9253 MEDIUM
PHP < 7.1.20 - Uncontrolled Resource Consumption via Non-Blocking STDIN Stream
CVSS 6.5
CVE-2015-4412 CRITICAL
bson-ruby < 3.0.4 - Denial of Service via Crafted String in legal? Function
CVSS 9.8
CVE-2015-7384 HIGH
Node.js 4.0.0-4.1.1 - Denial of Service via Uncontrolled Resource Consumption
CVSS 7.5
CVE-2015-3248 MEDIUM
openhpi < 3.5.0 - Denial of Service via World-Writable /var/lib/openhpi Directory
CVSS 4.7
CVE-2015-5695 MEDIUM
OpenStack Designate 2015.1.0-1.0.0.0b1 - Denial of Service via Zone File Transfer
CVSS 6.5
CVE-2015-2313 HIGH
capnproto < 0.4.1.1 and 0.5.x < 0.5.1.2 - Denial of Service via Crafted Small Message
CVSS 7.5
CVE-2015-2312 HIGH
capnproto < 0.4.1.1 and 0.5.x < 0.5.1.1 - Denial of Service via Large List Element Count
CVSS 7.5
CVE-2015-1417 HIGH
FreeBSD DoS via TCP Connection mbuf Consumption
CVSS 7.5
CVE-2015-7978 HIGH
NTP < 4.2.8p6 and 4.3.0 < 4.3.90 - Denial of Service via ntpdc relist Command
CVSS 7.5
CVE-2015-1779 HIGH
QEMU < 2.2.1 - Denial of Service via VNC WebSocket Frame Decoder
CVSS 8.6
CVE-2015-5600 HIGH
OpenSSH < 6.9 - Denial of Service via Keyboard-Interactive Device List
CVSS 8.1
CVE-2015-1916 HIGH
IBM Java 8 - Denial of Service via SSL/TLS Secure Socket Extension
CVSS 7.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits