Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,859 vulnerabilities with CWE-770

CVE-2025-29899 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.4906 - Authenticated Denial of Service

CVE-2025-29898 MEDIUM

Qsync Central 4.5.0.3-4.5.0.6 - Authenticated Denial of Service via Resource Consumption

CVE-2025-29890 MEDIUM

QNAP File Station 5.5.6.4691-5.5.6.4906 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-58058 MEDIUM

ulikunitz/xz < 0.5.14 - Denial of Service via Malformed LZMA Header

CVE-2025-6203 HIGH

HashiCorp Vault 1.15.0-1.16.26, 1.17.0-1.20.2 - Denial of Service via Complex JSON Payloads

CVE-2025-4225 MEDIUM

GitLab 14.1-18.1.4, 18.2-18.2.4, 18.3-18.3.0 - Unauthenticated Denial of Service via GraphQL Requests

CVE-2025-3601 MEDIUM

GitLab 8.15-18.1.4, 18.2-18.2.4, 18.3-18.3.0 - Authenticated Denial of Service via Large URL Response

CVE-2025-57810 HIGH

jspdf < 3.0.2 - Denial of Service via addImage Method

CVE-2025-43762 MEDIUM

Liferay Digital Experience Platform - Resource Allocation Without L...

CVE-2025-43752 MEDIUM

Liferay Portal 7.4.0-7.4.3.132 & DXP 2024.Q1.1-2024.Q1.15 - DoS via Unlimited File Upload

CVE-2025-4437 MEDIUM

cri-o - Denial of Service via Large /etc/passwd File Processing

CVE-2025-36047 MEDIUM

IBM WebSphere Application Server Liberty 18.0.0.2-25.0.0.8 - Denial of Service via Crafted Request

CVE-2025-55199 MEDIUM

Helm < 3.18.5 - Denial of Service via Malicious JSON Schema File

CVE-2025-55197 HIGH

pypdf < 6.0.0 - Denial of Service via FlateDecode Filter RAM Exhaustion

CVE-2025-2614 MEDIUM

GitLab 11.6-18.0.5, 18.1-18.1.3, 18.2-18.2.1 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-1477 MEDIUM

GitLab 8.14-18.0.5, 18.1-18.1.3, 18.2-18.2.1 - Unauthenticated Denial of Service via Integration API Endpoints

CVE-2025-55163 HIGH

Netty <4.1.124.Final-4.2.4.Final - DoS

CVE-2025-54500 MEDIUM

F5 BIG-IP 15.1.0-15.1.10.8 - Denial of Service via HTTP/2 Control Frame Manipulation

CVE-2025-8916 MEDIUM

BC Java 1.44-1.78 and BCPKIX FIPS 1.0.0-1.0.7, 2.0.0-2.0.7 - Excessive Allocation in PKIXCertPathReviewer

CVE-2025-50172 MEDIUM

Windows DirectX - Denial of Service via Resource Allocation Without Limits

CVE-2025-40570 LOW

SIPROTEC 5 - Denial of Service via USB Port Bandwidth Exhaustion

CVE-2025-43736 MEDIUM

Liferay Digital Experience Platform - Resource Allocation Without L...

CVE-2025-8885 MEDIUM

Org.bouncycastle Bcprov-jdk14 - Resource Allocation Without Limits

CVE-2025-54884 HIGH

Vision UI < 1.5.0 - Denial of Service via Security-Kit Secure ID Generation

CVE-2025-54879 MEDIUM

Mastodon 3.1.5-4.2.24, 4.3.0-4.3.11, 4.4.0-4.4.3 - Denial of Service via Email Confirmation Rate Limit Bypass

Previous Page 22 of 75 Next

Details

Vulnerabilities 1,859

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy