CWE-400
High likelihoodUncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
3,100 vulnerabilities with CWE-400
CVE-2025-65891
HIGH
OneFlow v0.9.0 - Denial of Service via Invalid Device Index in flow.cuda.get_device_properties()
CVSS 7.5
CVE-2025-65890
HIGH
OneFlow v0.9.0 - Denial of Service via Invalid GPU Device Index in flow.cuda.synchronize()
CVSS 7.5
CVE-2025-65889
HIGH
OneFlow v0.9.0 - Denial of Service via flow.dstack() Type Validation Flaw
CVSS 7.5
CVE-2025-65888
HIGH
OneFlow 0.9.0 - Denial of Service via Negative or Excessive Dimension Value
CVSS 7.5
CVE-2025-65886
HIGH
OneFlow v0.9.0 - Denial of Service via Crafted Tensor Shapes
CVSS 7.5
CVE-2025-55102
HIGH
Eclipse ThreadX - NetX Duo < 6.4.3 - Denial of Service via IPv6 Packet Too Big Handling
CVSS 7.5
CVE-2025-59472
MEDIUM
Next.js 15.0.0-15.5.9 & 16.0.0-beta.0-16.1.4 - DoS via PPR Resume Endpoint Memory Exhaustion
CVSS 5.9
CVE-2025-59471
MEDIUM
Next.js 10.0.0-15.5.9 - Denial of Service via Image Optimizer Remote Patterns
CVSS 5.9
CVE-2025-66960
HIGH
ollama 0.1.2.10 - Denial of Service via GGUF Metadata String Length
CVSS 7.5
CVE-2025-66959
HIGH
ollama 0.1.2.10 - Denial of Service via GGUF Decoder
CVSS 7.5
CVE-2025-59465
HIGH
Node.js 20.0.0-20.19.1 - Denial of Service via Malformed HTTP/2 HEADERS Frame
CVSS 7.5
CVE-2025-59464
HIGH
Node.js 24.0.0-24.11.9 - Denial of Service via TLS Certificate Field Memory Leak
CVSS 7.5
CVE-2025-9466
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Achilles EtherNet/IP and CIP Grammar Tests
CVSS 7.5
CVE-2025-9465
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Achilles Grammar Test Execution
CVSS 7.5
CVE-2025-9464
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via CIP Class Fuzzing
CVSS 7.5
CVE-2025-9283
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via EtherNet/IP Step Limits Storms
CVSS 7.5
CVE-2025-9282
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Achilles Comprehensive Storm Test
CVSS 7.5
CVE-2025-9281
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Achilles Comprehensive Step Limit Storm Tests
CVSS 7.5
CVE-2025-9280
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Defensics Fuzzing
CVSS 7.5
CVE-2025-9279
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via EtherNet/IP Step Limit Storm
CVSS 7.5
CVE-2025-9278
HIGH
ArmorStart LT Firmware < 2.002 - Denial of Service via Burp Suite Active Scan
CVSS 7.5
CVE-2025-69199
MEDIUM
Pterodactyl Wings < 1.12.0 - Unauthenticated Uncontrolled Resource Consumption via WebSocket Connections
CVSS 6.5
CVE-2025-69198
MEDIUM
Pterodactyl Panel < 1.12.0 - Unauthenticated Uncontrolled Resource Consumption via Concurrent Requests
CVSS 6.5
CVE-2025-15532
MEDIUM
Open5GS < 2.7.5 - Denial of Service in Timer Handler
CVSS 5.3
CVE-2025-67835
MEDIUM
Paessler PRTG Network Monitor < 25.4.114.1032 - Authenticated Denial of Service via Notification Contacts
CVSS 6.5
Details
Vulnerabilities
3,100
Exploit Likelihood
High