CWE-400

High likelihood

Uncontrolled Resource Consumption

Parent: CWE-664 - Improper Control of a Resource Through its Lifetime

The product does not properly control the allocation and maintenance of a limited resource.

3,152 vulnerabilities with CWE-400
CVE-2020-3487 MEDIUM
Cisco IOS XE - Unauthenticated Denial of Service via CAPWAP Packet Processing
CVSS 6.5
CVE-2020-3479 MEDIUM
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Malformed EVPN BGP Update Messages
CVSS 6.1
CVE-2020-3428 MEDIUM
Cisco IOS XE Wireless Controller Software - DoS
CVSS 6.5
CVE-2020-3414 HIGH
Cisco IOS XE for 4461 ISR - Unauthenticated Denial of Service via IPv4/IPv6 Packet Processing
CVSS 8.6
CVE-2020-3409 HIGH
Cisco IOS Software/Cisco IOS XE Software - DoS
CVSS 7.4
CVE-2020-3408 HIGH
Cisco IOS and IOS XE - Unauthenticated Denial of Service via Split DNS Regex Timeout
CVSS 8.6
CVE-2020-3569 HIGH KEV
Cisco IOS XR - Unauthenticated Denial of Service via IGMP Packet Handling
CVSS 8.6
CVE-2020-8251 HIGH
Node.js < 14.11.0 - Denial of Service via Delayed HTTP Request Submission
CVSS 7.5
CVE-2020-8246 HIGH
Citrix ADC & Gateway <13.0-64.35 - DoS
CVSS 7.5
CVE-2020-8237 HIGH
json-bigint < 1.0.0 - Denial of Service via Prototype Pollution
CVSS 7.5
CVE-2020-7733 HIGH
ua-parser-js < 0.7.22 - Regular Expression Denial of Service via Redmi and Mi Pad User-Agent Parsing
CVSS 7.5
CVE-2020-15166 HIGH
libzmq < 4.3.3 - Denial of Service via TCP Transport Endpoint
CVSS 7.5
CVE-2020-2039 MEDIUM
PAN-OS 8.1.0-8.1.15 - Unauthenticated Denial of Service via Management Web Interface File Upload
CVSS 5.3
CVE-2020-14384 HIGH
JBossWeb < 7.5.31.Final-redhat-3 - Denial of Service via Invalid WebSocket Payload Length
CVSS 7.5
CVE-2020-3566 HIGH KEV
Cisco IOS XR - Unauthenticated Denial of Service via DVMRP IGMP Queue Exhaustion
CVSS 8.6
CVE-2020-3504 LOW
Cisco UCS Manager Software - Authenticated Denial of Service via Local Management CLI Command Parameters
CVSS 3.3
CVE-2020-3505 MEDIUM
Cisco Video Surveillance 8000 Series IP Cameras - Denial of Service via Cisco Discovery Protocol Memory Leak
CVSS 6.5
CVE-2020-14522 HIGH
Softing OPC < 4.47.0 - Denial of Service via Uncontrolled Resource Consumption
CVSS 7.5
CVE-2020-3976 MEDIUM
VMware ESXi and vCenter Server - Partial Denial of Service in Authentication Service
CVSS 5.3
CVE-2020-9703 MEDIUM
Adobe Acrobat and Reader DC < 2020.009.20074 - Denial of Service via Stack Exhaustion
CVSS 5.5
CVE-2020-9702 MEDIUM
Adobe Acrobat and Reader DC < 2020.009.20074 - Denial of Service via Stack Exhaustion
CVSS 5.5
CVE-2020-13281 MEDIUM
GitLab 8.9.0-13.0.11 - Denial of Service via Project Import Feature
CVSS 6.5
CVE-2020-13280 MEDIUM
GitLab <13.0.12-13.2.3 - Memory Corruption
CVSS 6.5
CVE-2020-8229 MEDIUM
Nextcloud Desktop Client 2.6.4 - Memory Corruption
CVSS 5.5
CVE-2020-15114 HIGH
etcd 3.3.0-3.3.22 and 3.4.0-rc.0-3.4.9 - Denial of Service via Gateway Endpoint Loop
CVSS 7.7
Details
Vulnerabilities 3,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits