CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2020-20221 MEDIUM
MikroTik RouterOS < 6.44.6 - Authenticated Denial of Service via /nova/bin/cerm Process
CVSS 6.5
CVE-2020-20248 MEDIUM
MikroTik RouterOS - Authenticated Denial of Service via Memtest Process
CVSS 6.5
CVE-2020-20230 MEDIUM
MikroTik RouterOS < 6.47 - Authenticated Denial of Service via SSH Resource Consumption
CVSS 6.5
CVE-2020-20217 MEDIUM
MikroTik RouterOS < 6.47 - Authenticated Denial of Service via /nova/bin/route Process
CVSS 6.5
CVE-2020-8299 MEDIUM
Citrix ADC < 13.0-76.29, 12.1-61.18, 11.1-65.20 - DoS
CVSS 6.5
CVE-2020-12296 MEDIUM
Intel Thunderbolt Firmware - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 5.5
CVE-2020-12291 MEDIUM
Intel Thunderbolt Controllers - Authenticated Denial of Service via Uncontrolled Resource Consumption
CVSS 5.5
CVE-2020-1750 MEDIUM
Machine-Config-Operator < 4.4.3 - DoS
CVSS 6.5
CVE-2020-28469 MEDIUM
glob-parent < 5.1.2 - Uncontrolled Resource Consumption
CVSS 5.3
CVE-2020-35510 MEDIUM
jboss-remoting < 5.0.20 - Denial of Service via EJB Client ACK Message Omission
CVSS 5.9
CVE-2020-14340 MEDIUM
XNIO 3.6.0.Beta1-3.8.1.Final - Denial of Service via File Descriptor Leak
CVSS 5.9
CVE-2020-14326 HIGH
Red Hat Integration Camel K < 4.5.6 - Denial of Service
CVSS 7.5
CVE-2020-1702 LOW
Containers-image < 5.2.0 - Memory Corruption
CVSS 3.3
CVE-2020-25673 MEDIUM
Linux Kernel < 5.3.18 - Denial of Service via Non-Blocking Socket in llcp_sock_connect
CVSS 5.5
CVE-2020-36332 HIGH
libwebp < 1.0.1 - Denial of Service via Excessive Memory Allocation
CVSS 7.5
CVE-2020-25242 HIGH
SIMATIC NET CP 343-1 Advanced, Lean, and Standard - Denial of Service via Crafted TCP Port 102 Packets
CVSS 7.5
CVE-2020-28944 HIGH
OX Guard < 2.10.4 - Denial of Service via WKS Server Response
CVSS 7.5
CVE-2020-36320 HIGH
Vaadin 7.0.0-7.7.21 - Uncontrolled Resource Consumption via EmailValidator RegEx
CVSS 7.5
CVE-2020-27827 HIGH
Lldpd < 1.0.8 - Denial of Service
CVSS 7.5
CVE-2020-35233 MEDIUM
NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 - Denial of Service via Concurrent TFTP Connections
CVSS 6.5
CVE-2020-27223 MEDIUM
Eclipse Jetty 9.4.6-9.4.36, 10.0.0, 11.0.0 - Denial of Service via Multiple Accept Headers with Quality Parameters
CVSS 5.2
CVE-2020-24686 HIGH
ABB AC500 V2 - Denial of Service in Web Visualization Component
CVSS 7.5
CVE-2020-27782 HIGH
Red Hat JBoss Fuse < 2.1.5 - Denial of Service
CVSS 7.5
CVE-2020-11270 HIGH
Qualcomm AQT1000 Firmware - Denial of Service via FTM Parameter IE
CVSS 7.5
CVE-2020-28496 HIGH
three < 0.125.0 - Uncontrolled Resource Consumption via RGB/HSL Color Parsing
CVSS 7.5
Details
Vulnerabilities 3,152
Exploit Likelihood High