CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,147 vulnerabilities with CWE-400
CVE-2021-43859 HIGH
XStream <1.4.19 - DoS
CVSS 7.5
CVE-2021-46668 MEDIUM
MariaDB 10.2.0-10.2.42 - Denial of Service via Long SELECT DISTINCT Statements
CVSS 5.5
CVE-2021-40406 HIGH
Reolink RLC-410W <3.0.0.136_20121102 - DoS
CVSS 7.5
CVE-2021-23236 HIGH
Fresenius Kabi Agilia Link+ <3.0 - DoS
CVSS 7.5
CVE-2021-39942 MEDIUM
GitLab 12.0-14.3.5, 14.4-14.4.3, 14.5-14.5.1 - Denial of Service via NPM Package Repository File Size Limit Bypass
CVSS 4.3
CVE-2021-37865 MEDIUM
Mattermost < 6.2.0 - Authenticated Denial of Service via Crafted GIF File Upload
CVSS 4.3
CVE-2021-30301 HIGH
Snapdragon Auto/Snapdragon Industrial IOT/Snapdragon Mobile - DoS
CVSS 7.5
CVE-2021-46149 HIGH
MediaWiki < 1.35.5, 1.36.x < 1.36.3, 1.37.x < 1.37.1 - Denial of Service via Language Name Search
CVSS 7.5
CVE-2021-40011 HIGH
Huawei EMUI - Uncontrolled Resource Consumption in Display Module
CVSS 7.5
CVE-2021-24893 HIGH
Stars Rating < 3.5.1 - Denial of Service via Unvalidated Rating Submission
CVSS 7.5
CVE-2021-30348 MEDIUM
Qualcomm Firmware - Denial of Service via LLM Utility Timer Validation
CVSS 6.5
CVE-2021-44716 HIGH
Go < 1.16.12 - Denial of Service
CVSS 7.5
CVE-2021-3622 MEDIUM
hivex - Denial of Service via Recursive _get_children() Function Call
CVSS 4.3
CVE-2021-43854 HIGH
nltk < 3.6.5 - Regular Expression Denial of Service in PunktSentenceTokenizer
CVSS 7.5
CVE-2021-43843 MEDIUM
jsx-slack < 4.5.2 - Regular Expression Denial of Service via Blockquote Multibyte Character Handling
CVSS 5.3
CVE-2021-43838 MEDIUM
jsx-slack < 4.5.1 - Regular Expression Denial-of-Service via Blockquote Tag
CVSS 5.3
CVE-2021-39939 MEDIUM
GitLab Runner 13.7-14.3.5, 14.4-14.4.3, 14.5-14.5.1 - Uncontrolled Resource Consumption via Crafted Docker Image
CVSS 6.5
CVE-2021-39938 LOW
GitLab 8.15.0-14.3.5, 14.4.0-14.4.3, 14.5.0-14.5.1 - Denial of Service via Deploy Slash Command Regex
CVSS 3.1
CVE-2021-44228 CRITICAL KEV
Log4Shell HTTP Header Injection
CVSS 10.0
CVE-2021-41014 HIGH
FortiWeb <= 6.4.1 and <= 6.3.15 - Unauthenticated Denial of Service via HTTP Packet Flood
CVSS 7.5
CVE-2021-37061 HIGH
HarmonyOS < 2.0 - Denial of Service via Screen Projection Application
CVSS 7.5
CVE-2021-44527 MEDIUM
UniFi Switch Firmware < 5.76.6 - Denial of Service via Uncontrolled Resource Consumption
CVSS 6.5
CVE-2021-22956 HIGH
Citrix ADC <13.0-83.27,<12.1-63.22,11.1-65.23 - DoS
CVSS 7.5
CVE-2021-22955 HIGH
Citrix ADC <13.0-83.27,<12.1-63.22,11.1-65.23 - DoS
CVSS 7.5
CVE-2021-44686 HIGH
calibre < 5.32.0 - Denial of Service via ReDoS in HTML Preprocessing
CVSS 7.5