CWE-400
High likelihoodUncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
3,139 vulnerabilities with CWE-400
CVE-2024-25269
HIGH
libheif <= 1.17.6 - Memory Corruption
CVSS 7.5
CVE-2024-27355
HIGH
phpseclib <1.0.23, <2.0.47, <3.0.36 - DoS
CVSS 7.5
CVE-2024-27354
HIGH
phpseclib <1.0.23, 2.0.47, 3.0.36 - DoS
CVSS 7.5
CVE-2024-1953
MEDIUM
Mattermost <8.1.9, <9.2.5, 9.3.0, <9.4.2 - DoS
CVSS 4.3
CVE-2024-24988
MEDIUM
Mattermost < 8.1.8 and 9.3.0-9.3.1 - Denial of Service via Custom User Status Emoji Length
CVSS 4.3
CVE-2024-20344
MEDIUM
Cisco UCS 6400/6500 Series < 1.0.11-1582 - DoS via TCP Flood
CVSS 5.3
CVE-2024-20321
HIGH
Cisco NX-OS - Unauthenticated Denial of Service via eBGP Traffic Rate-Limiter Exhaustion
CVSS 8.6
CVE-2024-26141
MEDIUM
Rack 1.3.0-2.2.8.0 and 3.0.0-3.0.9.0 - Denial of Service via Range Header
CVSS 5.8
CVE-2024-25398
HIGH
Srelay 0.4.8p3 - Denial of Service via Crafted Network Payload
CVSS 7.5
CVE-2024-27088
NONE
es5-ext 0.10.0-0.10.62 - Inefficient Regular Expression Complexity in function#copy and function#toStringTokens
CVE-2024-23835
HIGH
Suricata 7.0.0-7.0.2 - Denial of Service via PostgreSQL Parser Memory Exhaustion
CVSS 7.5
CVE-2024-22201
HIGH
Eclipse Jetty 9.3.0-9.4.53, 10.0.8-10.0.19, 12.0.0-12.0.5 - Denial of Service via HTTP/2 SSL Connection Leak
CVSS 7.5
CVE-2024-1635
HIGH
Netapp Active IQ Unified Manager < 2.3.12.Final - Denial of Service
CVSS 7.5
CVE-2024-25978
HIGH
moodle 4.1.0-4.1.8 and 4.3.0-4.3.2 - Denial of Service via File Picker Unzip Functionality
CVSS 7.5
CVE-2024-20978
MEDIUM
MySQL Server <= 8.0.35 and 8.2.0 - Authenticated Denial of Service in Optimizer
CVSS 4.9
CVE-2024-20976
MEDIUM
MySQL Server <= 8.0.35 and 8.2.0 - Authenticated Denial of Service in Optimizer
CVSS 4.9
CVE-2024-20972
MEDIUM
MySQL Server <= 8.0.35 and 8.2.0 - Authenticated Denial of Service in Optimizer
CVSS 4.9
CVE-2024-20964
MEDIUM
MySQL Server < 8.0.35 - Denial of Service in Privilege Security Component
CVSS 5.3
CVE-2024-20962
MEDIUM
MySQL Server < 8.0.35 and 8.2.0 - Denial of Service in Optimizer
CVSS 6.5
CVE-2024-24750
MEDIUM
Undici 6.0.0-6.6.0 - Use-After-Free via Unconsumed Fetch Body
CVSS 6.5
CVE-2024-20716
MEDIUM
Adobe Commerce 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier - Denial of Service via Uncontrolled Resource Consumption
CVSS 4.9
CVE-2024-25617
MEDIUM
Squid 3.0-6.4 - Denial of Service via Oversized HTTP Headers
CVSS 5.3
CVE-2024-23952
MEDIUM
Apache Superset <= 2.1.2 and 3.0.0-3.0.1 - Authenticated Uncontrolled Resource Consumption via ZIP Import
CVSS 6.5
CVE-2024-24814
HIGH
mod_auth_openidc 2.0.0-2.4.15.1 - Denial of Service via mod_auth_openidc_session_chunks Cookie
CVSS 7.5
CVE-2024-21386
HIGH
.NET 6.0.0-6.0.26 - Denial of Service
CVSS 7.5
Details
Vulnerabilities
3,139
Exploit Likelihood
High