CWE-400
High likelihoodUncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource.
3,147 vulnerabilities with CWE-400
CVE-2022-27181
MEDIUM
F5 BIG-IP APM < 16.1.2.2, < 15.1.5.1, < 14.1.4.6, < 13.1.5 - Uncontrolled Resource Consumption via NTLM Auth
CVSS 5.3
CVE-2022-26372
HIGH
F5 BIG-IP <15.1.0.2, <14.1.4.6, <13.1.5, <=12.1.x, <=11.6.x - DoS
CVSS 7.5
CVE-2022-1468
MEDIUM
F5 BIG-IP APM 17.0.x-11.6.x - Authenticated DoS via iControl REST
CVSS 4.3
CVE-2022-25779
MEDIUM
Secomea GateManager <9.7 - Info Disclosure
CVSS 4.3
CVE-2022-20760
HIGH
Cisco Adaptive Security Appliance and Firepower Threat Defense - Denial of Service via DNS Inspection Handler
CVSS 8.6
CVE-2022-22275
HIGH
SonicOS 7.0.0.0-7.0.1-5030-r2007 - Denial of Service via TCP Handshake Bypass
CVSS 7.5
CVE-2022-24863
HIGH
http-swagger < 1.2.6 - Denial of Service via Improper Handling of HTTP Methods
CVSS 7.5
CVE-2022-20692
HIGH
Cisco IOS XE - Authenticated Denial of Service via NETCONF over SSH
CVSS 7.7
CVE-2022-26498
HIGH
Asterisk < 16.25.1 - Uncontrolled Resource Consumption via STIR/SHAKEN File Download
CVSS 7.5
CVE-2022-22191
MEDIUM
Juniper Networks Junos OS EX4300 - DoS
CVSS 6.5
CVE-2022-1337
MEDIUM
Mattermost Server < 6.4.2 - Authenticated Denial of Service via Image Proxy Memory Allocation
CVSS 4.3
CVE-2022-21155
HIGH
Fernhill SCADA Server < 3.77 - Denial of Service via Crafted Packet
CVSS 7.5
CVE-2022-27194
HIGH
SIMATIC PCS neo < V3.1 SP1, SINETPLAN, TIA Portal V15-V17 - Denial of Service via Crafted Packets to Port 8888
CVSS 7.5
CVE-2022-25622
MEDIUM
SIMATIC CFU DIQ Firmware - Denial of Service via Malformed TCP Segments
CVSS 5.3
CVE-2022-24839
HIGH
Nokogiri nekohtml < 1.9.22.noko2 - Denial of Service via Malformed HTML Markup
CVSS 7.5
CVE-2022-24836
HIGH
Nokogiri < 1.13.4 - Inefficient Regular Expression Complexity in HTML Encoding Detection
CVSS 7.5
CVE-2022-1099
MEDIUM
GitLab < 14.7.7, 14.8 < 14.8.5, 14.9 < 14.9.2 - Uncontrolled Resource Consumption via Runner Tag Addition
CVSS 4.3
CVE-2022-1210
MEDIUM
LibTIFF 4.3.0 - Denial of Service via Malicious TIFF File
CVSS 4.3
CVE-2022-0489
LOW
GitLab 8.15.0-14.6.4 - Denial of Service via Math Feature Formula in Issue Comments
CVSS 3.5
CVE-2022-0488
LOW
GitLab CE/EE <8.10 - Info Disclosure
CVSS 3.5
CVE-2022-24729
MEDIUM
CKEditor 4.0-4.17.2 - Denial of Service via Dialog Input Validator Regex
CVSS 6.5
CVE-2022-22145
HIGH
Yokogawa CENTUM CS 3.08.10-3.09.00/VP 4.01.00-4.03.00/Exaopc 3.72.00-3.79.00 Resource Consumption
CVSS 8.1
CVE-2022-24726
HIGH
Istio < 1.11.8 - Unauthenticated Denial of Service via Validating Webhook Endpoint
CVSS 7.5
CVE-2022-24741
LOW
Nextcloud <21.0.8, <22.2.4, <23.0.1 - DoS
CVSS 3.5
CVE-2022-24464
HIGH
.NET 5.0-5.0.13 and .NET Core 3.1-3.1.21 - Denial of Service
CVSS 7.5
Details
Vulnerabilities
3,147
Exploit Likelihood
High