CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,141 vulnerabilities with CWE-400
CVE-2023-1605 HIGH
radare2 < 5.8.6 - Denial of Service
CVSS 7.5
CVE-2023-24862 MEDIUM
Windows Secure Channel - Denial of Service via Out-of-bounds Read
CVSS 5.5
CVE-2023-23411 MEDIUM
Windows 10 1507-22H2 and Windows 11 21H2-22H2 - Denial of Service via Hyper-V
CVSS 6.5
CVE-2023-23396 MEDIUM
Microsoft Office Online Server - Denial of Service via Excel File Processing
CVSS 6.5
CVE-2023-27270 MEDIUM
SAP NetWeaver Application Server - DoS
CVSS 6.5
CVE-2023-25618 MEDIUM
SAP NetWeaver Application Server ABAP - Authenticated Denial of Service via Error Handling Class
CVSS 6.5
CVE-2023-27530 HIGH
Rack <2.0.9.3 - Denial of Service via Multipart MIME Parsing
CVSS 7.5
CVE-2023-1072 MEDIUM
GitLab 9.0-15.7.7, 15.8-15.8.3, 15.9-15.9.1 - Uncontrolled Resource Consumption via Commit Details Request
CVSS 4.3
CVE-2023-27484 MEDIUM
crossplane 1.9.0-1.9.1 - Uncontrolled Resource Consumption via High Index in Composition Patch
CVSS 6.2
CVE-2023-27483 MEDIUM
crossplane-runtime 0.17.0-0.19.1 - Uncontrolled Resource Consumption via Paved.SetValue Method
CVSS 5.9
CVE-2023-26601 HIGH
ManageEngine Asset Explorer < 6.9 - Denial of Service
CVSS 7.5
CVE-2023-27567 HIGH
OpenBSD 7.2 - Denial of Service via TCP Packet with Destination Port 0
CVSS 7.5
CVE-2023-26470 MEDIUM
XWiki < 14.0 - Uncontrolled Resource Consumption via Large Object Addition
CVSS 5.7
CVE-2023-20014 HIGH
Cisco Nexus Dashboard Software - DoS
CVSS 7.5
CVE-2023-23689 MEDIUM
Dell PowerScale A200/A2000/H400/H500/H600/H5600/F800/F810 - DoS via Resource Consumption
CVSS 5.3
CVE-2023-23524 HIGH
iPadOS < 16.3.1 - Denial of Service via Maliciously Crafted Certificate
CVSS 7.5
CVE-2023-26104 HIGH
lite-web-server - Denial of Service via Malformed URI Control Characters
CVSS 7.5
CVE-2023-25816 MEDIUM
Nextcloud Server 25.0.0-25.0.3 - Uncontrolled Resource Consumption via Long Password Validation
CVSS 4.3
CVE-2023-23296 MEDIUM
Korenix JetWave Series - Denial of Service via /goform/formDefault
CVSS 6.5
CVE-2023-23009 MEDIUM
Libreswan 4.9 - Denial of Service via Crafted TS Payload
CVSS 6.5
CVE-2023-0662 HIGH
PHP 8.0.0-8.0.27 - Denial of Service via HTTP Form Upload
CVSS 7.5
CVE-2023-24580 HIGH
Django 3.2-3.2.18 - Denial of Service via Multipart Request Parser
CVSS 7.5
CVE-2023-0518 MEDIUM
GitLab 14.0-15.6.6, 15.7-15.7.5, 15.8 - Denial of Service via Malicious Helm Chart Upload
CVSS 4.3
CVE-2023-23631 MEDIUM
go-unixfsnode < 1.5.2 - Denial of Service via Malformed HAMT Directory Handling
CVSS 5.9
CVE-2023-23625 MEDIUM
go-unixfs < 0.4.3 - Denial of Service via Malformed HAMT Directory
CVSS 5.9
Details
Vulnerabilities 3,141
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits