CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,142 vulnerabilities with CWE-400
CVE-2022-30122 HIGH
Rack <2.0.9.1, <2.1.4.1, <2.2.3.1 - Denial of Service in Multipart Parsing
CVSS 7.5
CVE-2022-41969 LOW
Nextcloud Server < 23.0.11, 24.0.7, 25.0.0 - Denial of Service via Long Password Creation
CVSS 2.4
CVE-2022-41968 LOW
Nextcloud Server 23.0.0-23.0.9 - Denial of Service via Calendar Name Length
CVSS 3.5
CVE-2022-41568 HIGH
LINE client for iOS <12.17.0 - Info Disclosure
CVSS 7.5
CVE-2022-39346 LOW
Nextcloud Server < 22.2.10 - Denial of Service via Uncontrolled Display Name Length
CVSS 3.5
CVE-2022-45873 MEDIUM
systemd 250-251 - Local Denial of Service via Coredump Deadlock
CVSS 5.5
CVE-2022-41932 HIGH
XWiki < 13.10.8 - Denial of Service via Crafted User Identifier in Login Form
CVSS 7.5
CVE-2022-41952 MEDIUM
Synapse < 1.53.0 - Resource Exhaustion via URL Preview Media Stream Handling
CVSS 6.5
CVE-2022-38871 HIGH
free5gc v3.0.5 - Denial of Service via Malformed NAS Messages
CVSS 7.5
CVE-2022-4006 LOW
WBCE CMS - Improper Restriction of Excessive Authentication Attempts
CVSS 3.7
CVE-2022-20854 HIGH
Cisco Firepower Management Center 6.1.0-6.1.0.6 - Unauthenticated Denial of Service via SSH Connection Handling
CVSS 7.5
CVE-2022-40735 HIGH
Diffie-Hellman Key Agreement Protocol - Uncontrolled Resource Consumption via Long Exponents
CVSS 7.5
CVE-2022-45199 HIGH
Pillow < 9.3.0 - Denial of Service via SAMPLESPERPIXEL
CVSS 7.5
CVE-2022-30691 MEDIUM
Intel Support < 22.02.28 - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 5.9
CVE-2022-3818 MEDIUM
GitLab < 15.3.5, 15.4 < 15.4.4, 15.5 < 15.5.2 - Denial of Service via URL Parsing
CVSS 5.3
CVE-2022-43572 HIGH
Splunk Enterprise <8.2.9-9.0.2 - DoS
CVSS 7.5
CVE-2022-43564 MEDIUM
Splunk Enterprise <8.1.12-9.0.2 - DoS
CVSS 4.9
CVE-2022-20960 HIGH
Cisco Email Security Appliance < 14.2.1-015 - Unauthenticated Denial of Service via TLS Connection Flood
CVSS 7.5
CVE-2022-20937 MEDIUM
Cisco Identity Services Engine - Unauthenticated Denial of Service via RADIUS Traffic
CVSS 5.3
CVE-2022-43238 MEDIUM
Libde265 1.0.8 - Denial of Service via Crafted Video File
CVSS 6.5
CVE-2022-32927 HIGH
iPadOS < 15.7.1 - Denial of Service via Malicious Wi-Fi Network
CVSS 7.5
CVE-2022-39294 HIGH
conduit-hyper 0.2.0-0.4.1 - Denial of Service via Unbounded Content-Length Request
CVSS 7.5
CVE-2022-2741 HIGH
Zephyr < 3.1.0 - Denial of Service via Crafted CAN Frame
CVSS 8.2
CVE-2022-40617 HIGH
strongSwan < 5.9.8 - Denial of Service in Revocation Plugin via Malicious CRL/OCSP URL
CVSS 7.5
CVE-2022-39330 MEDIUM
Nextcloud Server < 23.0.10 and Nextcloud Enterprise Server < 22.2.10 - Authenticated Denial of Service via Circles App
CVSS 4.8
Details
Vulnerabilities 3,142
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits