Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,865 vulnerabilities with CWE-770

CVE-2025-47950 HIGH

CoreDNS < 1.12.2 - Unauthenticated Denial of Service via Unbounded QUIC Stream Goroutines

CVE-2025-29872 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service

CVE-2025-22484 HIGH

QNAP File Station 5 5.5.x < 5.5.6.4847 - Authenticated Denial of Service

CVE-2025-5683 MEDIUM

Qt 6.3.0-6.5.9 6.6.0-6.8.4 6.9.0 - Denial of Service via Crafted ICNS Image File

CVE-2025-49007 MEDIUM

Rack 3.1.0-3.1.15 - Denial of Service via Content-Disposition Header Parsing

CVE-2025-49000 LOW

InvenTree < 0.17.13 - Authenticated Denial of Service via Label-Sheet Plugin Skip Field

CVE-2025-46807 HIGH

sslh < 2.2.4 - Denial of Service via File Descriptor Exhaustion

CVE-2025-3050 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.1 - Authenticated Denial of Service via Q Replication

CVE-2025-48738 MEDIUM

StrangeBee TheHive <5.2.16-5.3.11-5.4.10-5.5.1 - DoS

CVE-2025-48375 MEDIUM

Schule School Management System < 1.0.1 - Denial of Service via OTP Request Flooding

CVE-2025-0993 HIGH

GitLab < 17.10.7, 17.11 < 17.11.3, 18.0 < 18.0.1 - Authenticated Denial of Service via Resource Exhaustion

CVE-2025-3111 MEDIUM

GitLab 10.2-17.10.6, 17.11-17.11.2, 18.0 - Authenticated Denial of Service via Kubernetes Integration

CVE-2025-2853 MEDIUM

GitLab < 17.10.7, 17.11 < 17.11.3, 18.0 < 18.0.1 - Authenticated Denial of Service

CVE-2025-4416 HIGH

Drupal Events Log Track < 3.1.11 and 4.0.0-4.0.1 - Excessive Resource Allocation

CVE-2025-47793 MEDIUM

Nextcloud Groupfolders 16.0.0-16.0.10 & Server 28.0.0-28.0.11, 29.0.0-29.0.8 - Authenticated Resource Exhaustion

CVE-2025-47287 HIGH

Tornado < 6.5.0 - Denial of Service via Multipart Form Data Parser

CVE-2025-29957 MEDIUM

Windows 10 1507-22H2 and Windows 11 22H2 - Unauthenticated Denial of Service via Uncontrolled Resource Consumption

CVE-2025-29954 MEDIUM

Windows 10 1507-22H2 and Windows 11 22H2 - Unauthenticated Denial of Service via LDAP Resource Consumption

CVE-2025-26677 HIGH

Windows Server 2016/2019/2022/2025 < 10.0.26100.4061 - Remote Desktop Gateway DoS

CVE-2025-3632 HIGH

IBM 4769 Developers Toolkit 7.0.0-7.5.52 - Denial of Service via Excessive Memory Allocation

CVE-2025-4432 MEDIUM

Ring < 0.17.12 - Denial of Service via QUIC Packet Overflow Check Panic

CVE-2025-37805 MEDIUM

Linux Kernel - Denial of Service via Uninitialized Work Struct in virtio_snd

CVE-2025-32873 MEDIUM

Django 4.2-4.2.20, 5.1-5.1.8, 5.2-5.2.0 - Denial of Service via Incomplete HTML Tag Processing

CVE-2025-46727 HIGH

Rack <2.2.14,3.0.16,3.1.14 - Info Disclosure

CVE-2025-36504 HIGH

F5 BIG-IP 16.1.0-16.1.5 - Memory Exhaustion via HTTP/2 httprouter Profile

Previous Page 25 of 75 Next

Details

Vulnerabilities 1,865

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy