Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,858 vulnerabilities with CWE-770

CVE-2025-36123 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via XML Data Table Copy

CVE-2025-36098 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Authenticated Denial of Service

CVE-2025-36070 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via Table Selection

CVE-2025-2668 MEDIUM

IBM Db2 11.5.0-11.5.9 - Authenticated Denial of Service via Crafted Query

CVE-2025-68934 MEDIUM

Discourse <3.5.4,2025.11.2,2025.12.1,2026.1.0 - Use After Free

CVE-2025-61728 MEDIUM

GO < 1.24.12 - Resource Allocation Without Limits

CVE-2025-61726 HIGH

GO < 1.24.12 - Resource Allocation Without Limits

CVE-2025-68659 MEDIUM

Discourse <3.5.4,2025.11.2,2025.12.1,2026.1.0 - DoS

CVE-2025-55102 HIGH

Eclipse ThreadX - NetX Duo < 6.4.3 - Denial of Service via IPv6 Packet Too Big Handling

CVE-2025-14525 MEDIUM

kubevirt - Denial of Service via Excessive Network Interface Reporting

CVE-2025-67221 HIGH

orjson < 3.11.4 - Denial of Service via Deeply Nested JSON Documents

CVE-2025-13927 HIGH

GitLab 11.9-18.6.3, 18.7-18.7.1, 18.8-18.8.1 - Unauthenticated Denial of Service via Malformed Authentication Data

CVE-2025-68138 MEDIUM

libocpp < 0.30.1 - Memory Leak via Unfreed strdup Pointers

CVE-2025-68136 HIGH

EVerest < 2025.10.0 - Denial of Service via ISO15118-20 SDP Request Handling

CVE-2025-68133 HIGH

EVerest < 2025.10.0 - Denial of Service via Unlimited TCP Connection Exhaustion

CVE-2025-69199 MEDIUM

Pterodactyl Wings < 1.12.0 - Unauthenticated Uncontrolled Resource Consumption via WebSocket Connections

CVE-2025-11044 MEDIUM

B&R Automation Runtime <6.5 & <R4.93 - DoS

CVE-2025-14435 MEDIUM

Mattermost <10.11.8-11.1.1-11.0.6 - Authenticated DoS

CVE-2025-14822 LOW

Mattermost 10.11.0-10.11.8 - Authenticated Denial of Service via Hashtag Processing

CVE-2025-37166 HIGH

HPE Networking Instant On Access Points - DoS

CVE-2025-10569 MEDIUM

GitLab 8.3-18.5.5, 18.6-18.6.3, 18.7-18.7.1 - Authenticated Denial of Service via External API Response

CVE-2025-50334 HIGH

Technitium DNS Server < 14.0 - Denial of Service via Rate-Limiting Component

CVE-2025-68151 HIGH

CoreDNS < 1.14.0 - Unauthenticated Denial of Service via Resource Exhaustion

CVE-2025-66560 MEDIUM

Quarkus <3.31.0-3.27.2-3.20.5 - Info Disclosure

CVE-2025-66838 MEDIUM

ARIS < 10.0.23.0.3587512 - Resource Exhaustion via Unrestricted File Upload

Previous Page 16 of 75 Next

Details

Vulnerabilities 1,858

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy