CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,148 vulnerabilities with CWE-400
CVE-2021-29506 MEDIUM
GraphHopper 2.0-2.4 - Denial of Service via Regular Expression Injection
CVSS 6.5
CVE-2021-22139 MEDIUM
Kibana < 7.12.1 - Denial of Service via Webhook Request Size
CVSS 6.5
CVE-2021-32918 HIGH
prosody < 0.11.9 - Unauthenticated Denial of Service via Memory Exhaustion
CVSS 7.5
CVE-2021-27385 HIGH
SIMATIC WinCC Runtime Advanced < V16 Update 4 - Denial of Service via SmartVNC Device Layout Handler
CVSS 7.5
CVE-2021-29509 HIGH
Puma < 4.3.8 - Denial of Service via Keep-Alive Connection Starvation
CVSS 7.5
CVE-2021-29471 LOW
Synapse < 1.33.2 - Denial of Service via Push Rule Event Match Pattern
CVSS 3.7
CVE-2021-30504 HIGH
JetBrains IntelliJ IDEA <2021.1 - DoS
CVSS 7.5
CVE-2021-32053 MEDIUM
HAPI FHIR < 5.4.0 - Denial of Service via History Request Resource Consumption
CVSS 5.3
CVE-2021-23011 HIGH
BIG-IP <16.0.1.1, 15.1.3, 14.1.4, 13.1.4, 12.1.6, 11.6.5.3 - DoS
CVSS 7.5
CVE-2021-21419 MEDIUM
eventlet >=0.10 <0.31.0 - Uncontrolled Resource Consumption via WebSocket Frame
CVSS 5.3
CVE-2021-31409 HIGH
Vaadin 8.0.0-8.12.4 - Uncontrolled Resource Consumption via EmailValidator RegEx
CVSS 7.5
CVE-2021-1275 CRITICAL
Cisco Catalyst SD-WAN Manager 20.4-20.4.1 & vManage <20.3.3 - RCE & Info Disclosure
CVSS 9.8
CVE-2021-1489 MEDIUM
Cisco Firepower Device Manager 6.4.0 - Authenticated Denial of Service via Filesystem Resource Exhaustion
CVSS 6.5
CVE-2021-21391 MEDIUM
CKEditor 5 < 27.0.0 - Regular Expression Denial of Service
CVSS 6.5
CVE-2021-29469 MEDIUM
redis.js/redis < 3.1.1 - Denial of Service via Monitoring Mode Regex Backtracking
CVSS 5.3
CVE-2021-31405 HIGH
Vaadin Flow 2.0.4-2.3.2 and Vaadin 14.0.6-14.4.3 - Uncontrolled Resource Consumption via EmailField RegEx Validation
CVSS 7.5
CVE-2021-0257 MEDIUM
Juniper Networks MX/EX Series - Memory Corruption
CVSS 6.5
CVE-2021-0238 MEDIUM
Juniper Junos OS 17.3R1-20.4R2 - Uncontrolled Resource Consumption via CLI
CVSS 5.5
CVE-2021-0233 HIGH
Juniper Networks Junos OS <17.4R3-S2 - DoS
CVSS 7.5
CVE-2021-0230 HIGH
Juniper Networks SRX Series - Info Disclosure
CVSS 7.5
CVE-2021-0229 MEDIUM
Juniper Junos OS - DoS via MQTT Packet Stream
CVSS 5.3
CVE-2021-30464 HIGH
OMICRON StationGuard < 1.10 - Denial of Service via Crafted TCP/20499 Packets
CVSS 7.5
CVE-2021-29453 MEDIUM
matrix-media-repo < 1.2.7 - Denial of Service via Malicious Image Thumbnailing
CVSS 5.7
CVE-2021-29430 HIGH
Sydent < 2.3.0 - Unauthenticated Denial of Service via Unbounded HTTP Request/Response
CVSS 7.5
CVE-2021-29433 MEDIUM
Sydent < 2.3.0 - Uncontrolled Resource Consumption via Third-Party Identifier Confirmation Endpoint
CVSS 4.3