Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,859 vulnerabilities with CWE-770

CVE-2025-58474 MEDIUM

F5 BIG-IP Advanced WAF and NGINX App Protect - Request Disruption Denial of Service

CVE-2025-55670 MEDIUM

F5 BIG-IP Next CNF SPK and Kubernetes - Denial of Service via Repeated Undisclosed API Calls

CVE-2025-46706 HIGH

F5 F5 BIG-IP 16.1.0 through 16.1.6 - Memory Resource Exhaustion via iRule HTTP::respond

CVE-2025-41430 HIGH

F5 BIG-IP SSL Orchestrator >=15.1.0 <15.1.9 - Denial of Service via Traffic Management Microkernel Termination

CVE-2025-55079 MEDIUM

Eclipse ThreadX < 6.4.3 - Denial of Service via Thread Priority Check Bypass

CVE-2025-9177 HIGH

Rockwell Automation 1715-AENTR EtherNet/IP Adapter < 3.003 - Denial of Service via Web Server Request Flood

CVE-2025-41704 MEDIUM

Phoenix Contact QUINT4-UPS - Unauthenticated Denial of Service via Modbus Function Code

CVE-2025-61775 MEDIUM

Vickey <2025.10.0 - Info Disclosure

CVE-2025-61920 HIGH

Authlib < 1.6.5 - Uncontrolled Resource Consumption via Oversized JWS/JWT Segments

CVE-2025-36171 MEDIUM

IBM Aspera Faspex 5.0.0-5.0.13.1 - Denial of Service via API Input Validation

CVE-2025-2934 MEDIUM

GitLab 5.2-18.2.7, 18.3-18.3.3, 18.4-18.4.1 - Authenticated Denial of Service via Malicious Webhook Endpoint

CVE-2025-10004 HIGH

GitLab 13.12-18.2.8, 18.3-18.3.4, 18.4-18.4.2 - Denial of Service via Crafted GraphQL Queries

CVE-2025-11362 HIGH

pdfmake < 0.3.0-beta.17 - Denial of Service via Repeated URL Redirects in File Embedding

CVE-2025-58582 MEDIUM

Sick Enterprise Analytics - Information Disclosure via Unvalidated Log Data

CVE-2025-58578 LOW

SICK Enterprise Analytics - Allocation of Resources Without Limits via User Account Creation API

CVE-2025-11274 LOW

Open Asset Import Library Assimp 6.0.2 - Info Disclosure

CVE-2025-52867 MEDIUM

Qsync Central 5.0.0.0-5.0.0.1 - Authenticated Denial of Service via Resource Consumption

CVE-2025-44012 MEDIUM

Qsync Central 5.0.0.0-5.0.0.1 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-44007 MEDIUM

Qsync Central 4.2.0.0-4.9.9.9 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-44006 MEDIUM

Qsync Central 4.2.0.0-4.9.9.9 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-33040 MEDIUM

Qsync Central 4.2.0.0-4.9.9.9 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-33039 MEDIUM

Qsync Central 4.2.0.0-4.9.9.9 - Denial of Service via Resource Exhaustion

CVE-2025-61595 HIGH

MANTRA-Chain mantrachain < 4.0.2 - Uncontrolled Resource Consumption via Send Hook Gas Limit Bypass

CVE-2025-20370 MEDIUM

Splunk <10.0.1, 9.4.4, 9.3.6, 9.2.8 - DoS

CVE-2025-36099 MEDIUM

IBM WebSphere Application Server 8.5 and 9.0 - Denial of Service via Crafted Request

Previous Page 20 of 75 Next

Details

Vulnerabilities 1,859

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy