CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2021-0202 HIGH
Juniper Networks MX/EX9200 - Memory Leak
CVSS 7.5
CVE-2021-22168 MEDIUM
GitLab 12.8.0-13.5.5 - Regular Expression Denial of Service in NuGet API
CVSS 4.3
CVE-2021-22166 MEDIUM
GitLab 13.7.0-13.7.1 - Denial of Service via Malformed HTTP Method
CVSS 5.3
CVE-2021-21252 MEDIUM
jQuery Validation Plugin <1.19.3 - DoS
CVSS 5.3
CVE-2021-21236 MEDIUM
CairoSVG < 2.5.1 - Regular Expression Denial of Service via Malicious SVG Processing
CVSS 5.7
CVE-2021-21235 MEDIUM
kamadak-exif <0.5.2 - Buffer Overflow
CVSS 5.7
CVE-2020-36872 HIGH
BACnet Test Server <= 1.01 - Unauthenticated Denial of Service via Malformed BVLC Length Field
CVE-2020-24089 MEDIUM
IOBit Malware Fighter 8.0.2 - Denial of Service via ImfHpRegFilter.sys
CVSS 5.5
CVE-2020-26652 HIGH
Realtek rtl8812au_firmware v5.6.4.2 - Denial of Service via nl80211_send_chandef Function
CVSS 7.5
CVE-2020-20813 HIGH
OpenVPN < 2.4.7 - Denial of Service via Crafted Reset Packet
CVSS 7.5
CVE-2020-19726 HIGH
binutils 2.36 - Uncontrolled Resource Consumption in libbfd.c Auxiliary Symbol Data
CVSS 8.8
CVE-2020-18770 MEDIUM
zziplib 0.13.69 - Denial of Service via zzip_disk_entry_to_file_header Function
CVSS 5.5
CVE-2020-20021 HIGH
MikroTik RouterOS < 6.46.3 - Denial of Service via SSH Daemon Misconfiguration
CVSS 7.5
CVE-2020-19850 MEDIUM
Directus 2.2.0 - Denial of Service via HTTP Request Flood
CVSS 6.5
CVE-2020-26302 HIGH
is.js <0.9.0 - ReDoS
CVSS 7.5
CVE-2020-36620 LOW
Brondahl EnumStringValues <4.0.0 - DoS
CVSS 3.5
CVE-2020-15853 MEDIUM
supybot-fedora - Denial of Service via Refresh Command
CVSS 5.3
CVE-2020-29260 HIGH
libvncclient <0.9.13 - Memory Corruption
CVSS 7.5
CVE-2020-35534 MEDIUM
LibRaw - Memory Corruption in crxFreeSubbandData Function
CVSS 5.5
CVE-2020-21405 HIGH
H96 Pro Plus Firmware - Uncontrolled Resource Consumption via saveDeepColorAttr Service
CVSS 7.5
CVE-2020-9060 MEDIUM
Silicon Labs 500 Series Firmware - Denial of Service via Malformed Z-Wave S2 Messages
CVSS 6.5
CVE-2020-9059 MEDIUM
Silicon Labs 500 Series Firmware - Uncontrolled Resource Consumption via S0 Authentication
CVSS 6.5
CVE-2020-21573 MEDIUM
image-processing v0.1.0 - Denial of Service via Crafted Image File
CVSS 5.5
CVE-2020-10005 MEDIUM
macOS < 11.0.1 - Denial of Service via Resource Exhaustion
CVSS 6.5
CVE-2020-9000 HIGH
iPortalis iCS 7.1.13.0 - Denial of Service via .NET Input Validation Error Log Flooding
CVSS 7.5
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits