CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,100 vulnerabilities with CWE-400
CVE-2025-70047 HIGH
Nexusoft NexusInterface 3.2.0-beta.2 - DoS
CVSS 7.5
CVE-2025-70059 HIGH
YMFE yapi 1.12.0 - Denial of Service via Uncontrolled Resource Consumption
CVSS 7.5
CVE-2025-69654 HIGH
QuickJS 2025-09-13 - Denial of Service via Crafted JavaScript Input with Memory Limit
CVSS 7.5
CVE-2025-69646 MEDIUM
Binutils objdump - Denial of Service via Malformed DWARF debug_rnglists Data
CVSS 5.5
CVE-2025-69645 MEDIUM
Binutils - Denial of Service via Malformed DWARF Debug Information
CVSS 5.5
CVE-2025-69644 MEDIUM
Binutils < 2.46 - Denial of Service via Malformed DWARF Debug Information
CVSS 5.0
CVE-2025-69534 HIGH
Python-Markdown < 3.8.1 - Unauthenticated Denial of Service via Malformed HTML-like Sequence
CVSS 7.5
CVE-2025-48609 CRITICAL
Android - Uncontrolled Resource Consumption via Path Traversal in MmsProvider.java
CVSS 9.1
CVE-2025-67445 HIGH
TOTOLINK X5000R V9.1.0cu.2415_B20250515 - DoS
CVSS 7.5
CVE-2025-70327 CRITICAL
TOTOLINK X5000R v9.1.0cu_2415_B20250515 - Command Injection
CVSS 9.8
CVE-2025-66676 MEDIUM
IObit Unlocker 1.3.0.11 - Denial of Service via Crafted Request
CVSS 6.2
CVE-2025-70886 HIGH
halo < 2.22.4 - Denial of Service via Comment Submission Payload
CVSS 7.5
CVE-2025-46304 MEDIUM
macOS <15.7.4-iPadOS <18.7.5-macOS <14.8.4 - Use After Free
CVSS 5.7
CVE-2025-69873 LOW
ajv < 8.18.0 - Regular Expression Denial of Service via $data Reference
CVSS 2.9
CVE-2025-62854 MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.5190 - Authenticated Denial of Service
CVSS 6.5
CVE-2025-54151 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Denial of Service via Uncontrolled Resource Consumption
CVSS 5.5
CVE-2025-54150 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 5.5
CVE-2025-54149 MEDIUM
Qsync Central 5.0.0.0-5.0.0.3 - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 5.5
CVE-2025-70347 MEDIUM
mquickjs - Denial of Service via Crafted File to get_mblock_size Function
CVSS 5.5
CVE-2025-71031 HIGH
melang melon < 2025-01-18 - Denial of Service via Excessive HTTP Request Header
CVSS 7.5
CVE-2025-59439 HIGH
Samsung Exynos Modem 5123 DoS via NAS Registration Message Handling
CVSS 7.5
CVE-2025-7105 MEDIUM
danny-avila/librechat - Use After Free
CVSS 5.7
CVE-2025-6208 MEDIUM
Llama Index <0.12.23 - Memory Corruption
CVSS 5.3
CVE-2025-71000 HIGH
OneFlow v0.9.0 - Denial of Service via Crafted Input in flow.cuda.BoolTensor
CVSS 7.5
CVE-2025-70999 HIGH
OneFlow v0.9.0 - Denial of Service via GPU Device-ID Validation Flaw
CVSS 7.5
Details
Vulnerabilities 3,100
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits