CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,148 vulnerabilities with CWE-400
CVE-2021-44686 HIGH
calibre < 5.32.0 - Denial of Service via ReDoS in HTML Preprocessing
CVSS 7.5
CVE-2021-20609 HIGH
Mitsubishi Electric MELSEC iQ-R - Uncontrolled Resource Consumption
CVSS 7.5
CVE-2021-42120 MEDIUM
TopEase <= 7.1.27 - Authenticated Uncontrolled Resource Consumption via Object Attribute Input
CVSS 6.5
CVE-2021-36310 MEDIUM
Dell Networking OS10 10.4.3.x 10.5.0.x 10.5.1.x 10.5.2.x - Authenticated Denial of Service via API Service
CVSS 4.9
CVE-2021-22965 HIGH
Pulse Connect Secure <9.1R12.1 - DoS
CVSS 7.5
CVE-2021-33073 MEDIUM
Intel OpenVINO Toolkit < 2021.4 - DoS via Resource Consumption
CVSS 5.5
CVE-2021-0182 MEDIUM
Intel(R) HAXM <7.6.6 - Info Disclosure
CVSS 6.2
CVE-2021-0180 HIGH
Intel(R) HAXM <7.6.6 - Privilege Escalation
CVSS 8.4
CVE-2021-41229 MEDIUM
BlueZ - Memory Leak via SDP Packet Handling
CVSS 4.3
CVE-2021-3912 MEDIUM
cloudflare/octorpki < 1.3.0 - Denial of Service via GZIP Bomb
CVSS 4.2
CVE-2021-3909 MEDIUM
cloudflare/octorpki < 1.3.0 - Denial of Service via Unlimited Connection Length
CVSS 4.4
CVE-2021-3908 MEDIUM
cloudflare/octorpki < 1.3.0 - Uncontrolled Resource Consumption via Certificate Chain Depth
CVSS 5.9
CVE-2021-43173 HIGH
NLnet Labs Routinator <0.10.2 - DoS
CVSS 7.5
CVE-2021-39914 LOW
GitLab 8.13-14.2.5 14.3.0-14.3.3 14.4.0 - Regular Expression Denial of Service via Username Provisioning
CVSS 3.1
CVE-2021-36187 MEDIUM
FortiWeb <= 6.4.0, <= 6.3.15, <= 6.2.5 - Denial of Service via Crafted HTTP Requests
CVSS 5.3
CVE-2021-32595 MEDIUM
FortiPortal < 5.3.7 - Denial of Service via Multiple HTTP Requests
CVSS 6.5
CVE-2021-41186 MEDIUM
Fluentd 0.14.14-1.14.1 - Denial of Service via parser_apache2 Regex Handling
CVSS 5.9
CVE-2021-40125 MEDIUM
Cisco ASA and FTD - Authenticated Denial of Service via Malformed IKEv2 Messages
CVSS 5.3
CVE-2021-40117 HIGH
Cisco ASA & FTD SSL/TLS Packet Processing DoS
CVSS 8.6
CVE-2021-34792 HIGH
Cisco ASA and FTD - Unauthenticated Denial of Service via High Connection Rate
CVSS 8.6
CVE-2021-22101 HIGH
Cloudfoundry Capi-release < 1.118.0 - Denial of Service
CVSS 7.5
CVE-2021-41145 HIGH
FreeSWITCH < 1.10.7 - Unauthenticated Denial of Service via SIP Flooding
CVSS 8.6
CVE-2021-42836 HIGH
gjson < 1.9.3 - Uncontrolled Resource Consumption via ReDoS
CVSS 7.5
CVE-2021-38465 HIGH
versiondog < 8.0.0 - Denial of Service via Webinstaller Resource Consumption
CVSS 8.0
CVE-2021-38463 HIGH
Auvesy versiondog <= 8.0.0 - Uncontrolled Resource Allocation
CVSS 7.3
Details
Vulnerabilities 3,148
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits