CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,128 vulnerabilities with CWE-400
CVE-2024-43105 MEDIUM
Mattermost Plugin Channel Export <=1.0.0 - DoS
CVSS 4.3
CVE-2024-8041 MEDIUM
GitLab < 17.1.6, 17.2 < 17.2.4, 17.3 < 17.3.1 - Denial of Service via GitHub Importer
CVSS 6.5
CVE-2024-39810 MEDIUM
Mattermost 9.5.0-9.5.7 and 9.10.0 - Denial of Service via ElasticSearch CA Path File
CVSS 4.9
CVE-2024-45166 CRITICAL
UCI IDOL 2 <2.12 - DoS/Remote Code Execution
CVSS 9.8
CVE-2024-45163 CRITICAL
Mirai Botnet through 2024-08-19 - Unauthenticated Denial of Service via TCP Connection Exhaustion
CVSS 9.1
CVE-2024-7592 HIGH
CPython < 3.8.20 - Inefficient Regular Expression Complexity in http.cookies Module
CVSS 7.5
CVE-2024-43380 MEDIUM
fugit < 1.11.1 - Uncontrolled Resource Consumption in Natural Parser
CVSS 5.3
CVE-2024-42849 MEDIUM
Silverpeas < 6.4.2 - Denial of Service via Password Change Function
CVSS 6.5
CVE-2024-42981 HIGH
Tenda FH1206 v02.03.01.35 - Buffer Overflow
CVSS 7.5
CVE-2024-42980 HIGH
Tenda FH1206 <v02.03.01.35 - Buffer Overflow
CVSS 7.5
CVE-2024-42969 HIGH
Tenda FH1206 <v02.03.01.35 - Buffer Overflow
CVSS 7.5
CVE-2024-42951 HIGH
Tenda FH1201 v1.2.0.14 - Buffer Overflow
CVSS 7.5
CVE-2024-42950 HIGH
Tenda FH1201 v1.2.0.14 - Buffer Overflow
CVSS 7.5
CVE-2024-42943 HIGH
Tenda FH1201 v1.2.0.14 - Buffer Overflow
CVSS 7.5
CVE-2024-41727 HIGH
F5 BIG-IP - Resource Exhaustion via Undisclosed Traffic
CVSS 7.5
CVE-2024-7567 MEDIUM
Rockwell Automation Micro850/870 - DoS
CVE-2024-38168 HIGH
.NET 8.0.0-8.0.7 and Visual Studio 2022 17.6.0-17.6.17 - Denial of Service
CVSS 7.5
CVE-2024-42481 HIGH
skyportd < 0.2.2 - Unauthenticated Denial of Service via Uncontrolled Resource Creation
CVSS 7.5
CVE-2024-0115 MEDIUM
NVIDIA CV-CUDA for Ubuntu 20.04, Ubuntu 22.04, and Jetpack - Uncontrolled Resource Consumption via Python API
CVSS 6.1
CVE-2024-7610 MEDIUM
GitLab 15.9-17.0.5, 17.1-17.1.3, 17.2-17.2.1 - Denial of Service via Elasticsearch Result Parsing
CVSS 4.3
CVE-2024-5423 MEDIUM
GitLab < 17.0.6, 17.1 < 17.1.4, 17.2 < 17.2.2 - Denial of Service via Banzai Pipeline
CVSS 6.5
CVE-2024-4210 MEDIUM
GitLab 12.6-17.0.5, 17.1-17.1.3, 17.2-17.2.1 - Denial of Service via Crafted Adoc Files
CVSS 6.5
CVE-2024-41989 HIGH
Django 4.2-4.2.14 and 5.0-5.0.7 - Uncontrolled Resource Consumption via floatformat Template Filter
CVSS 7.5
CVE-2024-42399 MEDIUM
ArubaOS 10.4.0.0-10.4.1.1 and InstantOS 8.10.0.0-8.10.0.12 - Unauthenticated Denial of Service via PAPI Protocol
CVSS 5.3
CVE-2024-42398 MEDIUM
ArubaOS 10.4.0.0-10.4.1.1 & InstantOS 8.10.0.0-8.10.0.12 - DoS via Soft AP Daemon PAPI
CVSS 5.3
Details
Vulnerabilities 3,128
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits