Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,859 vulnerabilities with CWE-770

CVE-2025-64508 HIGH

Bugsink < 2.0.5 - Denial of Service via Brotli Decompression Bomb

CVE-2025-36136 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Denial of Service via Database Monitor Script

CVE-2025-36008 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 - Authenticated Denial of Service

CVE-2025-53413 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5017 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-53411 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5018 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-53410 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5017 - Authenticated Denial of Service

CVE-2025-53409 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.5017 - Authenticated Denial of Service

CVE-2025-46556 MEDIUM

MantisBT < 2.27.2 - Denial of Service via Oversized Issue Note Submission

CVE-2025-61724 MEDIUM

GO < 1.24.8 - Resource Allocation Without Limits

CVE-2025-61723 HIGH

GO < 1.24.8 - Resource Allocation Without Limits

CVE-2025-58185 MEDIUM

GO < 1.24.8 - Resource Allocation Without Limits

CVE-2025-11375 MEDIUM

Consul < 1.18.12, 1.19.0-1.21.5, 1.22.0 - Denial of Service via Event Endpoint

CVE-2025-11374 MEDIUM

Consul < 1.22.0 - Denial of Service via KV Endpoint Content Length Header

CVE-2025-59459 MEDIUM

SICK TLOC100-100 Firmware < 7.1.1 - Denial of Service via SSH Access

CVE-2025-11974 MEDIUM

GitLab 11.7-18.3.4, 18.4-18.4.2, 18.5 - Unauthenticated Denial of Service via Large File Upload

CVE-2025-11447 HIGH

GitLab 11.0-18.3.4, 18.4.0-18.4.2, 18.5.0 - Unauthenticated Denial of Service via Crafted GraphQL JSON Payloads

CVE-2025-10497 HIGH

GitLab 17.10-18.3.4, 18.4-18.4.2, 18.5 - Unauthenticated Denial of Service via Crafted Payloads

CVE-2025-12044 HIGH

HashiCorp Vault 1.16.25-1.16.26, 1.20.3-1.20.4 - Unauthenticated Denial of Service via JSON Payload Processing

CVE-2025-62706 MEDIUM

Authlib < 1.6.5 - Denial of Service via Unbounded DEFLATE Decompression in JWE zip=DEF

CVE-2025-53069 MEDIUM

MySQL Server 8.0.0-8.0.43, 8.4.0-8.4.6, 9.0.0-9.4.0 - Authenticated Denial of Service in Components Services

CVE-2025-56223 HIGH

SigningHub < 8.6.8 - Denial of Service via UploadStreamDocument Rate Limit Bypass

CVE-2025-62672 MEDIUM

rplay < 3.3.2 - Denial of Service via RPLAY_DATA Packet Handling

CVE-2025-62666 MEDIUM

Mediawiki - CirrusSearch Extension <1.43 - DoS

CVE-2025-11832 CRITICAL

Azure Access Technology BLU-IC2 and BLU-IC4 < 1.20 - Denial of Service via Resource Flooding

CVE-2025-59778 HIGH

F5OS-C 1.6.0-1.6.1 - Denial of Service via Allowed IP Addresses Feature

Previous Page 19 of 75 Next

Details

Vulnerabilities 1,859

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy