CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,102 vulnerabilities with CWE-400
CVE-2025-48041 HIGH
Erlang/OTP 17.0-28.0.3, 27.3.4.3, 26.2.5.15 - Uncontrolled Resource Consumption in SSH SFTP Module
CVE-2025-48040 MEDIUM
Erlang OTP <28.0.3 - Uncontrolled Resource Consumption
CVE-2025-48039 MEDIUM
Erlang OTP <28.0.3 - Excessive Allocation
CVE-2025-48038 MEDIUM
Erlang OTP - Resource Leak Exposure
CVE-2025-20340 HIGH
Cisco IOS XR Software - Unauthenticated Denial of Service via ARP Broadcast Storm
CVSS 7.4
CVE-2025-49460 MEDIUM
Zoom Meeting SDK < 6.5.0 - Unauthenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 4.3
CVE-2025-52322 HIGH
open5gs < 2.7.2 - Denial of Service via Crafted Create Session Request
CVSS 7.5
CVE-2025-40802 LOW
RUGGEDCOM RST2428P - Denial of Service via High Volume Query Requests
CVSS 3.1
CVE-2025-58451 HIGH
cattown < 1.0.2 - Denial of Service via Inefficient Regular Expression Complexity
CVE-2025-52288 HIGH
Open5GS < 2.7.5 - Denial of Service via Repeated UE Connect/Disconnect Messages
CVSS 7.5
CVE-2025-58369 MEDIUM
fs2 < 2.5.13, 3.0.0-M1-3.12.2, 3.13.0-M1-3.13.0-M6 - Denial of Service via TLS Handshake
CVSS 5.3
CVE-2025-48542 MEDIUM
Android - Denial of Service via Resource Exhaustion in AccountManagerService
CVSS 5.5
CVE-2025-26463 MEDIUM
Android - Local Denial of Service via Package Access Exhaustion
CVSS 5.5
CVE-2025-26449 MEDIUM
Android - Denial of Service via Resource Exhaustion
CVSS 5.5
CVE-2025-26423 MEDIUM
Android - Denial of Service via WifiConfigurationUtil Missing Bounds Check
CVSS 6.2
CVE-2025-43772 HIGH
Liferay Portal 7.0.0-7.4.3.4 and Liferay DXP - Denial of Service via Unrestricted Session Parameter Storage
CVE-2025-36892 HIGH
Android Pixel WLAN - Denial of Service via Improper Input Validation
CVSS 7.5
CVE-2025-52494 HIGH
Adacore Ada Web Server < 26.0 - Denial of Service via Malformed TLS ClientHello
CVSS 7.5
CVE-2025-57614 HIGH
rust-ffmpeg 0.3.0 - Denial of Service via Integer Overflow in Cached Method
CVSS 7.5
CVE-2025-58157 HIGH
gnark 0.12.0-<0.13.0 - Denial of Service via Fake-GLV Algorithm
CVSS 7.5
CVE-2025-9670 MEDIUM
mixmark-io turndown <7.2.1 - Info Disclosure
CVSS 5.3
CVE-2025-29898 MEDIUM
Qsync Central 4.5.0.3-4.5.0.6 - Authenticated Denial of Service via Resource Consumption
CVSS 6.5
CVE-2025-54995 MEDIUM
Asterisk < 18.26.4 and Certified Asterisk < 18.9-cert17 - Resource Exhaustion via RTP Session Leak
CVSS 6.5
CVE-2025-55634 HIGH
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - DoS
CVSS 7.5
CVE-2025-55631 MEDIUM
Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - DoS
CVSS 4.0
Details
Vulnerabilities 3,102
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits