CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,141 vulnerabilities with CWE-400
CVE-2023-22799 HIGH
GlobalID < 1.0.1 - Denial of Service via Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2023-22796 HIGH
Activesupport < 6.1.7.1 - Denial of Service
CVSS 7.5
CVE-2023-22795 HIGH
Rails < 6.1.7.1 and < 7.0.4.1 - Denial of Service via If-None-Match Header Regex
CVSS 7.5
CVE-2023-22792 HIGH
Rails 3.0.0-5.2.8.14 and 6.0.0-6.0.6.0 - Denial of Service via Regular Expression Backtracking in Action Dispatch
CVSS 7.5
CVE-2023-25151 HIGH
opentelemetry-go-contrib 0.38.0-0.38.9 - Denial of Service via Query String Cardinality Exhaustion
CVSS 7.5
CVE-2023-23925 HIGH
switcher_client < 3.1.4 - Regular Expression Denial of Service via Strategy Match Operation
CVSS 8.6
CVE-2023-24574 HIGH
Dell Enterprise SONiC OS - Uncontrolled Resource Consumption
CVSS 7.5
CVE-2023-23552 HIGH
F5 BIG-IP Advanced WAF and ASM 13.1.x-16.1.x - Uncontrolled Resource Consumption
CVSS 7.5
CVE-2023-22664 HIGH
BIG-IP 16.1.0-16.1.3.2 and 17.0.0-17.0.0.1 - Uncontrolled Resource Consumption via HTTP/2 Profile
CVSS 7.5
CVE-2023-23616 LOW
Discourse < 3.0.1 - Uncontrolled Resource Consumption via Membership Request Reason
CVSS 3.5
CVE-2023-22486 LOW
cmark-gfm < 0.29.0.gfm.7 - Denial of Service via Polynomial Time Complexity in handle_close_bracket
CVSS 3.5
CVE-2023-20922 MEDIUM
Android - Local Denial of Service via PackageManagerService Resource Exhaustion
CVSS 5.5
CVE-2023-20908 MEDIUM
Android - Denial of Service via Resource Exhaustion in SettingsState.java
CVSS 5.5
CVE-2023-22484 LOW
cmark-gfm < 0.29.0.gfm.7 - Denial of Service via Polynomial Time Complexity Issue
CVSS 3.5
CVE-2023-22483 LOW
cmark-gfm < 0.29.0.gfm.7 - Denial of Service via Polynomial Time Complexity Issues
CVSS 3.5
CVE-2023-20047 MEDIUM
Cisco Webex Room Phone/Cisco Webex Share - DoS
CVSS 6.5
CVE-2023-21838 HIGH
Oracle WebLogic Server <14.1.1.0.0 - DoS
CVSS 7.5
CVE-2023-23590 HIGH
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 - Unauthenticated Denial of Service via API Request
CVSS 7.5
CVE-2023-22470 LOW
Nextcloud Deck < 1.6.5 - Denial of Service via Database Error
CVSS 3.5
CVE-2023-22400 HIGH
Juniper Junos OS Evolved - Unauthenticated Denial of Service via SNMP GET or CLI Command GUID Exhaustion
CVSS 7.5
CVE-2023-22396 HIGH
Juniper Junos OS - Unauthenticated Denial of Service via TCP Packet MBUF Leak
CVSS 7.5
CVE-2023-21728 HIGH
Windows 7, 8.1, RT 8.1, 10, 11 - Denial of Service in Netlogon
CVSS 7.5
CVE-2023-21557 HIGH
Windows LDAP - Denial of Service via Integer Overflow
CVSS 7.5
CVE-2023-21547 HIGH
Microsoft Windows IKE Protocol - Denial of Service
CVSS 7.5
CVE-2023-21543 HIGH
Windows L2TP - Remote Code Execution
CVSS 8.1