CWE-400

Exploit likelihood: High

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,141 vulnerabilities with CWE-400
CVE-2023-42520 HIGH
WithSecure Client Security 15 - Remote Denial of Service via Crafted Data File Unpacking
CVSS 7.5
CVE-2023-37263 MEDIUM
Strapi < 4.12.1 - Uncontrolled Resource Consumption via Field Level Permissions Bypass
CVSS 6.8
CVE-2023-32665 MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
CVSS 5.5
CVE-2023-32636 MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization Offset Table Validation
CVSS 4.7
CVE-2023-32611 MEDIUM
GLib < 2.74.2 - Denial of Service via GVariant Deserialization
CVSS 5.5
CVE-2023-29499 MEDIUM
GLib < 2.74.4 - Denial of Service via GVariant Deserialization
CVSS 5.5
CVE-2023-42503 MEDIUM
Apache Commons Compress 1.22-1.23.0 - Denial of Service via Malformed TAR File Modification Time Headers
CVSS 5.5
CVE-2023-26141 HIGH
Sidekiq < 6.5.10 and 7.0.0-7.1.3 - Denial of Service via Dashboard Polling Manipulation
CVSS 7.5
CVE-2023-38162 HIGH
Windows Server 2012, 2016, 2019, 2022 - Denial of Service via DHCP Server Service Integer Underflow
CVSS 7.5
CVE-2023-38149 HIGH
Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Denial of Service via TCP/IP
CVSS 7.5
CVE-2023-36799 MEDIUM
.NET and Visual Studio - Denial of Service
CVSS 6.5
CVE-2023-36161 HIGH
Qubo Smart Plug <HSP02_01_01_14_SYSTEM-10A - DoS
CVSS 7.5
CVE-2023-39321 HIGH
Go < 1.21.1 - Denial of Service
CVSS 7.5
CVE-2023-40584 MEDIUM
Argo CD 2.4.0-2.6.14 - Denial of Service via Malicious tar.gz File Extraction
CVSS 6.5
CVE-2023-40591 HIGH
go-ethereum <1.12.1 - Memory Corruption
CVSS 7.5
CVE-2023-28188 MEDIUM
macOS 13.0-13.2 - Denial of Service via Improved Input Validation
CVSS 6.5
CVE-2023-4162 MEDIUM
Brocade Fabric OS <9.2.0a - Memory Corruption
CVSS 4.4
CVE-2023-40594 MEDIUM
Splunk Enterprise <8.2.12,9.0.6,9.1.1 - DoS
CVSS 6.5
CVE-2023-40593 MEDIUM
Splunk Enterprise <9.0.6-8.2.12 - DoS
CVSS 6.3
CVE-2023-41121 HIGH
ArrayOS AG < 9.4.0.499 - Denial of Service via Abnormal HTTP Operations
CVSS 7.5
CVE-2023-40586 HIGH
OWASP Coraza WAF <3.0.1 - Info Disclosure
CVSS 7.5
CVE-2023-40583 HIGH
libp2p < 0.27.4 - Uncontrolled Resource Consumption via Signed Peer Records
CVSS 7.5
CVE-2023-41173 HIGH
AdGuard DNS < 2.2 - Denial of Service via Malformed UDP Packets
CVSS 7.5
CVE-2023-4418 HIGH
SICK LMS5xx Firmware - Denial of Service via TCP SYN Flood
CVSS 7.5
CVE-2023-40710 MEDIUM
Opto 22 SNAP PAC S1 Firmware R10.3b - Denial of Service via HTTP GET Request Flood
CVSS 6.8