Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-400

CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,128 vulnerabilities with CWE-400

CVE-2025-3986 MEDIUM

Apereo CAS 5.2.6 - Inefficient Regular Expression Complexity

CVE-2025-3985 LOW

Apereo CAS 5.2.6 - Inefficient Regular Expression Complexity in Query Parameter

CVE-2025-46580 HIGH

ZTE ZXCloud GoldenDB 6.1.03-6.1.03.10 - Uncontrolled Resource Consumption via System Table Access

CVE-2025-2811 MEDIUM

GL.iNet Various - Path Traversal

CVE-2025-27087 MEDIUM

HPE Cray Operating System (COS) < cos-base-3.2 - Local Denial of Service via Kernel Resource Consumption

CVE-2025-31118 HIGH

NamelessMC < 2.2.0 - Authenticated Uncontrolled Resource Consumption via Forum Quick Reply

CVE-2025-30158 HIGH

NamelessMC < 2.2.0 - Authenticated Denial of Service via Oversized Iframe Injection

CVE-2025-30730 HIGH

Oracle Application Object Library 12.2.5-12.2.14 - Unauthenticated Denial of Service via HTTP

CVE-2025-30725 MEDIUM

Oracle VM VirtualBox 7.1.6 - Authenticated Denial of Service and Data Manipulation

CVE-2025-30715 MEDIUM

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service

CVE-2025-30705 MEDIUM

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service in Server: PS

CVE-2025-30704 MEDIUM

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Denial of Service via Components Services

CVE-2025-30681 LOW

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Authenticated Partial Denial of Service in Replication

CVE-2025-21577 MEDIUM

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in InnoDB

CVE-2025-21575 MEDIUM

MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in Server Parser

CVE-2025-21574 MEDIUM

Oracle MySQL Server 8.0.0-8.0.41, 8.4.0-8.4.4, 9.0.0-9.2.0 - Denial of Service in Parser

CVE-2025-27081 MEDIUM

HPE NonStop OSM Service Connection Suite - DoS

CVE-2025-27486 HIGH

Windows Standards-Based Storage Management Service - DoS

CVE-2025-27485 HIGH

Windows Standards-Based Storage Management Service - DoS

CVE-2025-27473 HIGH

Windows HTTP.sys - Unauthenticated Denial of Service via Uncontrolled Resource Consumption

CVE-2025-27470 HIGH

Windows Standards-Based Storage Management Service - DoS

CVE-2025-27469 HIGH

Windows LDAP - Lightweight Directory Access Protocol - DoS

CVE-2025-26680 HIGH

Windows Server 2012, 2016, 2019, 2022, 2025 - Unauthenticated DoS via Storage Management Service

CVE-2025-26673 HIGH

Windows 10 1507-24H2 and Windows Server 2008 - Unauthenticated Denial of Service via LDAP Resource Consumption

CVE-2025-26652 HIGH

Windows Server 2012-2025 Unauthenticated DoS via Storage Management Service

Previous Page 31 of 126 Next

Details

Vulnerabilities 3,128

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy