Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-407

CWE-407

Low likelihood

Inefficient Algorithmic Complexity

Parent: CWE-405 - Asymmetric Resource Consumption (Amplification)

An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.

90 vulnerabilities with CWE-407

CVE-2025-23020 MEDIUM

Kwik < 0.10.1 - Denial of Service via Hash Collision in Connection ID Management

CVE-2024-12243 MEDIUM

GnuTLS - Denial of Service

CVE-2024-12133 MEDIUM

libtasn1 - Denial of Service

CVE-2024-9631 HIGH

GitLab CE/EE <17.2.9-17.4.2 - Info Disclosure

CVE-2024-6324 MEDIUM

GitLab 15.7-17.5.4, 17.6-17.6.2, 17.7 - Denial of Service via Cyclic Epic References

CVE-2024-8233 HIGH

GitLab 9.4.0-17.4.5, 17.5.0-17.5.3, 17.6.0-17.6.1 - Denial of Service via Diff File Requests

CVE-2024-8237 MEDIUM

GitLab CE/EE <12.6-17.4.5, <17.5-17.5.3, <17.6-17.6.1 - DoS

CVE-2024-8177 MEDIUM

GitLab CE/EE <17.4.5/<17.5.3/<17.6.1 - DoS

CVE-2024-11828 MEDIUM

GitLab 13.2.4-17.4.4, 17.5-17.5.2, 17.6-17.6.0 - Denial of Service via Crafted API Calls

CVE-2024-43485 HIGH

.NET 6.0.0-6.0.34 and Visual Studio 2022 17.6.0-17.6.19 - Denial of Service

CVE-2024-43484 HIGH

.NET Framework - Denial of Service via Inefficient Algorithmic Complexity

CVE-2024-43483 HIGH

.NET Framework - Denial of Service via Inefficient Algorithmic Complexity

CVE-2024-39702 MEDIUM

OpenResty 1.19.3.1-1.25.3.1 - Denial of Service via HashDoS in String Hashing Function

CVE-2024-29916 MEDIUM

dormakaba Saflok - Unauthenticated Door Unlock via Forged Keycard

CVE-2024-23684 HIGH

peteroupc/cbor 4.0.0-4.5.1 - Denial of Service via DecodeFromBytes Function

CVE-2024-21909 HIGH

PeterO.Cbor 4.0.0-4.5.0 - Denial of Service via Crafted DecodeFromBytes Input

CVE-2023-30421 LOW

mjson 1.2.7 - Denial of Service via Inefficient Algorithmic Complexity in mystrtod

CVE-2023-4408 HIGH

BIND <9.16.45-9.19.19 - DoS

CVE-2023-46136 HIGH

Werkzeug < 2.3.8 and 3.0.0 - Denial of Service via Crafted Multipart Data

CVE-2023-38285 HIGH

Trustwave ModSecurity <3.0.10 - Info Disclosure

CVE-2023-36810 MEDIUM

pypdf < 1.27.8 - Denial of Service via Crafted PDF

CVE-2023-2473 MEDIUM

Dreamer CMS <4.1.3 - Info Disclosure

CVE-2023-26485 MEDIUM

cmark-gfm < 0.29.0.gfm.10 - Denial of Service via Underscore Character Parsing

CVE-2023-24824 MEDIUM

cmark-gfm < 0.29.0.gfm.10 - Denial of Service via Quadratic Complexity in Blockquote or List Parsing

CVE-2023-22486 LOW

cmark-gfm < 0.29.0.gfm.7 - Denial of Service via Polynomial Time Complexity in handle_close_bracket

Previous Page 3 of 4 Next

Details

Vulnerabilities 90

Exploit Likelihood Low

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy