CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2020-25630 HIGH
Moodle 3.5.0-3.5.13, 3.7.0-3.7.7, 3.8.0-3.8.4, 3.9.0-3.9.1 - Denial of Service via Unchecked Zip File Decompression
CVSS 7.5
CVE-2020-12524 HIGH
Phoenix Contact BTP 2043W, BTP 2070W, and BTP 2102W Firmware - Denial of Service via Uncontrolled Resource Consumption
CVSS 7.5
CVE-2020-5423 HIGH
CAPI < 1.101.0 - Unauthenticated Denial of Service via YAML Parser
CVSS 7.5
CVE-2020-27813 HIGH
gorilla/websocket < 1.4.1 - Denial of Service via WebSocket Frame Length Integer Overflow
CVSS 7.5
CVE-2020-16850 HIGH
Mitsubishielectric R00cpu Firmware < 20 - Denial of Service
CVSS 7.5
CVE-2020-10772 HIGH
Unbound - Insufficient Control of Network Message Volume (Network Amplification)
CVSS 7.5
CVE-2020-7779 MEDIUM
djvalidator - Regular Expression Denial of Service via Crafted Email Input
CVSS 5.3
CVE-2020-14190 HIGH
Atlassian Fisheye/Crucible < 4.8.4 - Regex Denial of Service via EyeQL
CVSS 7.5
CVE-2020-5668 HIGH
MELSEC iQ-R Series CPU Firmware - Unauthenticated Denial of Service via SLMP Packet
CVSS 7.5
CVE-2020-8277 HIGH
Node.js <15.2.1, <14.15.1, <12.19.1 - DoS
CVSS 7.5
CVE-2020-13349 MEDIUM
GitLab 8.12.0-13.3.8, 13.4.0-13.4.4, 13.5.0-13.5.1 - Denial of Service via Advanced Search Regex
CVSS 4.3
CVE-2020-13354 MEDIUM
GitLab 12.6.0-13.3.8 - Denial of Service via Container Registry Name Check
CVSS 4.3
CVE-2020-5666 HIGH
MELSEC iQ-R Series CPU Modules Denial of Service via Crafted HTTP Packet
CVSS 7.5
CVE-2020-15783 HIGH
SIMATIC S7-300 CPU Family, SIMATIC TDC CPU555, and SINUMERIK 840D sl - Denial of Service via Port 102
CVSS 7.5
CVE-2020-24573 HIGH
BAB TECHNOLOGIE GmbH eibPort V3 <3.8.3 - DoS
CVSS 7.5
CVE-2020-7767 MEDIUM
express-validators - Regular Expression Denial of Service via URL Validation
CVSS 5.3
CVE-2020-0441 HIGH
Android - Remote Denial of Service via Notification Input Validation
CVSS 7.5
CVE-2020-5652 HIGH
MELSEC iQ-R, Q and L series CPU - Uncontrolled Resource Consumption
CVSS 7.5
CVE-2020-7760 MEDIUM
CodeMirror < 5.58.2 - Uncontrolled Resource Consumption via Regular Expression
CVSS 5.3
CVE-2020-5936 HIGH
BIG-IP LTM 12.1.0-15.1.0.5 Uncontrolled Resource Consumption via SSL Traffic
CVSS 7.5
CVE-2020-7755 HIGH
dat.gui - Regular Expression Denial of Service via RGB and RGBA Value Parsing
CVSS 7.5
CVE-2020-7753 HIGH
trim < 0.0.3 - Regular Expression Denial of Service via trim()
CVSS 7.5
CVE-2020-3572 HIGH
Cisco ASA <9.6 & FTD <6.3.0.6 - DoS via SSL/TLS Memory Leak
CVSS 8.6
CVE-2020-3571 HIGH
Cisco Firepower Threat Defense 6.3.0-6.3.0.5 - Unauthenticated Denial of Service via ICMP Packet Processing
CVSS 8.6
CVE-2020-3563 HIGH
Cisco Firepower Threat Defense 6.3.0-6.3.0.6 - Unauthenticated Denial of Service via TCP Packet Flood
CVSS 8.6
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits