CWE-400
High likelihoodUncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
3,128 vulnerabilities with CWE-400
CVE-2024-45420
MEDIUM
Zoom Meeting SDK < 6.2.0 - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 4.3
CVE-2024-38828
MEDIUM
Spring WebMVC 5.3.0-5.3.41 - Denial of Service via @RequestBody byte[] Parameter
CVSS 5.3
CVE-2024-52520
MEDIUM
Nextcloud Server 27.0.0-27.1.11.8 and 28.0.0-28.0.10 - Uncontrolled Resource Consumption via Link Reference Provider
CVSS 5.7
CVE-2024-48989
HIGH
Bosch Rexroth IndraDrive FWA-INDRV*-MP* >=17VRS <20V36 - Denial of Service via PROFINET UDP Messages
CVSS 7.5
CVE-2024-9409
HIGH
Schneider Electric PowerLogic PM5341, PM5340, PM5320 Firmware - Denial of Service via IGMP Packet Flood
CVSS 7.5
CVE-2024-47535
MEDIUM
Netty < 4.1.115 - Denial of Service via Environment File Read
CVSS 5.5
CVE-2024-46891
MEDIUM
SINEC INS < V1.0 SP2 Update 3 - Unauthenticated Denial of Service via Log File Exhaustion
CVSS 5.3
CVE-2024-10345
HIGH
Helix Core < 2024.2 - Unauthenticated Denial of Service via Shutdown Function
CVE-2024-10344
HIGH
Helix Core < 2024.2 - Unauthenticated Denial of Service via Refuse Function
CVE-2024-10314
HIGH
Helix Core < 2024.2 - Unauthenticated Denial of Service via Auto-Generation Function
CVE-2024-38826
MEDIUM
Cloud Foundry < 1.194 - Authenticated Denial of Service via Crafted File Upload
CVE-2024-51513
MEDIUM
HarmonyOS - Uncontrolled Resource Consumption in VPN Module
CVSS 5.5
CVE-2024-10599
MEDIUM
Tongda OA 2017-11.7 - Denial of Service in Package Static Resources Processing
CVSS 5.3
CVE-2024-50354
MEDIUM
gnark < 0.12.0 and 0.11.0 - Uncontrolled Resource Consumption via Groth16 Verification Key Deserialization
CVSS 5.5
CVE-2024-31152
MEDIUM
LevelOne WBR-6012 Firmware R0.40e6 - Denial of Service via Crafted HTTP Requests
CVSS 5.3
CVE-2024-10466
HIGH
Firefox < 132 and ESR < 128.4 - Denial of Service via Crafted Push Message
CVSS 7.5
CVE-2024-49767
HIGH
Werkzeug <3.0.6 - DoS
CVSS 7.5
CVE-2024-20526
MEDIUM
Cisco Adaptive Security Appliance Software - Unauthenticated Denial of Service via SSH Message Handling
CVSS 5.3
CVE-2024-20351
HIGH
Cisco Firepower Threat Defense - DoS
CVSS 8.6
CVE-2024-21536
HIGH
http-proxy-middleware < 2.0.7 and 3.0.0-3.0.3 - Denial of Service via UnhandledPromiseRejection
CVSS 7.5
CVE-2024-21232
LOW
MySQL <= 8.4.2 and <= 9.0.1 - Uncontrolled Resource Consumption
CVSS 2.2
CVE-2024-21231
LOW
MySQL < 8.0.39, 8.4.2, 9.0.1 - Authenticated Partial Denial of Service via Client Programs
CVSS 3.1
CVE-2024-21230
MEDIUM
MySQL Server < 8.0.39, 8.4.2, 9.0.1 - Denial of Service in Optimizer
CVSS 6.5
CVE-2024-21219
MEDIUM
MySQL Server < 8.0.39, 8.4.2, 9.0.1 - Authenticated Denial of Service in DML Component
CVSS 4.9
CVE-2024-21218
MEDIUM
MySQL Server <= 8.0.39, <= 8.4.2, <= 9.0.1 - Authenticated Denial of Service in InnoDB
CVSS 4.9
Details
Vulnerabilities
3,128
Exploit Likelihood
High