CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,859 vulnerabilities with CWE-770
CVE-2025-8014 HIGH
GitLab 11.10-18.2.6, 18.3-18.3.2, 18.4-18.4.0 - Unauthenticated Denial of Service via GraphQL Query Complexity Bypass
CVSS 7.5
CVE-2025-11042 MEDIUM
GitLab 17.2-18.2.6, 18.3-18.3.2, 18.4 - Denial of Service via GraphQL Query
CVSS 4.3
CVE-2025-10867 LOW
GitLab 18.1-18.2.6, 18.3-18.3.2, 18.4-18.4.0 - Authenticated Denial of Service via GraphQL API
CVSS 3.5
CVE-2025-10858 HIGH
GitLab < 18.2.7, 18.3 < 18.3.3, 18.4 < 18.4.1 - Unauthenticated Denial of Service via Large JSON File Upload
CVSS 7.5
CVE-2025-59830 HIGH
Rack < 2.2.18 - Denial of Service via Query Parameter Separator Bypass
CVSS 7.5
CVE-2025-59418 MEDIUM
BunnyPad <11.0.27000.0915 - Buffer Overflow
CVSS 5.5
CVE-2025-59421 LOW
frappe/press - Unauthenticated Resource Exhaustion via Repeated Invite Requests
CVE-2025-8396 MEDIUM
Temporal Server < 1.26.3, 1.27.0-1.27.2, 1.28.0 - Denial of Service via Authorization Header Bounds Check
CVE-2025-59375 HIGH
libexpat < 2.7.2 - Denial of Service via Large Dynamic Memory Allocation
CVSS 7.5
CVE-2025-36035 MEDIUM
IBM PowerVM Hypervisor FW950.00-FW950.E0, FW1050.00-FW1050.50, FW1060.00-FW1060.40 DoS
CVSS 6.7
CVE-2025-59139 MEDIUM
Hono < 4.9.7 - Denial of Service via Body Size Limit Bypass
CVSS 5.3
CVE-2025-7337 MEDIUM
GitLab 7.8-18.1.5, 18.2-18.2.5, 18.3-18.3.1 - Authenticated Denial of Service via Large File Upload
CVSS 6.5
CVE-2025-1250 MEDIUM
GitLab CE/EE <18.1.6-18.3.2 - Privilege Escalation
CVSS 6.5
CVE-2025-58754 HIGH
Axios <0.30.2, <1.12.0 - Buffer Overflow
CVSS 7.5
CVE-2025-48041 HIGH
Erlang/OTP 17.0-28.0.3, 27.3.4.3, 26.2.5.15 - Uncontrolled Resource Consumption in SSH SFTP Module
CVE-2025-48040 MEDIUM
Erlang OTP <28.0.3 - Uncontrolled Resource Consumption
CVE-2025-48039 MEDIUM
Erlang OTP <28.0.3 - Excessive Allocation
CVE-2025-48038 MEDIUM
Erlang OTP - Resource Leak Exposure
CVE-2025-59045 HIGH
Stalwart <0.13.3 - Memory Corruption
CVE-2025-58446 HIGH
xgrammar >=0.1.23 <0.1.24 - Denial of Service via Grammar Optimizer
CVSS 7.5
CVE-2025-52494 HIGH
Adacore Ada Web Server < 26.0 - Denial of Service via Malformed TLS ClientHello
CVSS 7.5
CVE-2025-9784 HIGH
Red Hat build of Apache Camel for Spring Boot - Denial of Service via MadeYouReset Attack
CVSS 7.5
CVE-2025-30261 MEDIUM
Qsync Central - Denial of Service via Resource Exhaustion
CVSS 6.5
CVE-2025-30260 MEDIUM
Qsync Central 4.5.0.3-4.5.0.6 - Authenticated Denial of Service via Resource Exhaustion
CVSS 6.5
CVE-2025-29900 MEDIUM
QNAP File Station 5.5.6.4691-5.5.6.4906 - Authenticated Denial of Service
CVSS 6.5