Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,859 vulnerabilities with CWE-770

CVE-2025-52568 HIGH

NeKernal <0.0.3 - Memory Corruption

CVE-2025-48467 MEDIUM

Advantech WISE-4000 Series LAN Firmware - Denial of Service via Repeated Reboots

CVE-2025-48462 MEDIUM

Advantech WISE-4000 Series LAN Firmware - Session Slot Exhaustion DoS

CVE-2025-52917 MEDIUM

Yealink RPS API <2025-05-26 - Info Disclosure

CVE-2025-3221 HIGH

IBM InfoSphere Information Server 11.7.0.0-11.7.1.6 - Denial of Service via Insufficient Request Resource Validation

CVE-2025-4821 HIGH

Cloudflare quiche < 0.24.4 - Unauthenticated Denial of Service via Congestion Window Overflow

CVE-2025-4820 MEDIUM

Cloudflare quiche < 0.24.4 - Unauthenticated Denial of Service via Congestion Window Manipulation

CVE-2025-45526 LOW

microlight 0.0.7 - Denial of Service via Large Content Processing in HTML Elements

CVE-2025-48988 HIGH

Apache Tomcat - Allocation of Resources Without Limits or Throttling

CVE-2025-48976 HIGH

Apache Commons FileUpload <1.6-2.0.0-M4 - DoS

CVE-2025-5996 MEDIUM

GitLab 2.1.0-17.10.7, 17.11.0-17.11.3, 18.0.0-18.0.1 - DoS via HTTP Response Input Validation Bypass

CVE-2025-1516 MEDIUM

GitLab 8.7-17.10.7, 17.11-17.11.3, 18.0-18.0.1 - Denial of Service via Token Name Input Validation

CVE-2025-1478 MEDIUM

GitLab 8.13-17.10.6, 17.11-17.11.2, 18.0 - Denial of Service via Board Name Input

CVE-2025-25032 HIGH

IBM Cognos Analytics 11.2.0-11.2.4 12.0.0-12.0.4 - Authenticated Denial of Service via Memory Exhaustion

CVE-2025-48448 MEDIUM

Drupal Admin Audit Trail <1.0.5 - Info Disclosure

CVE-2025-4605 MEDIUM

Autodesk Maya 2025-2025.3.1 - Denial of Service via Malicious .usdc File

CVE-2025-49140 HIGH

Pion Interceptor 0.1.36-0.1.38 - Denial of Service via Crafted RTP Packet Padding

CVE-2025-48053 HIGH

Discourse < 3.4.4 and < 3.5.0 - Denial of Service via Malicious URL in Private Message

CVE-2025-25207 MEDIUM

Authorino - Denial of Service via Post-Authorization Callback Flood

CVE-2025-47950 HIGH

CoreDNS < 1.12.2 - Unauthenticated Denial of Service via Unbounded QUIC Stream Goroutines

CVE-2025-29872 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service

CVE-2025-22484 HIGH

QNAP File Station 5 5.5.x < 5.5.6.4847 - Authenticated Denial of Service

CVE-2025-5683 MEDIUM

Qt 6.3.0-6.5.9 6.6.0-6.8.4 6.9.0 - Denial of Service via Crafted ICNS Image File

CVE-2025-49007 MEDIUM

Rack 3.1.0-3.1.15 - Denial of Service via Content-Disposition Header Parsing

CVE-2025-49000 LOW

InvenTree < 0.17.13 - Authenticated Denial of Service via Label-Sheet Plugin Skip Field

Previous Page 24 of 75 Next

Details

Vulnerabilities 1,859

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy