Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2025-32374 MEDIUM

Dnnsoftware Dotnetnuke < 9.13.8 - Resource Allocation Without Limits

CVE-2025-26682 HIGH

ASP.NET Core 8.0.0-8.0.14 - Unauthenticated Denial of Service via Resource Allocation

CVE-2025-32025 MEDIUM

bep/imagemeta < 0.11.0 - Denial of Service via Unbounded Memory Allocation

CVE-2025-32024 MEDIUM

bep/imagemeta < 0.10.0 - Denial of Service via EXIF Data Parsing

CVE-2025-32034 HIGH

Apollo Router < 1.61.2 and 2.0.0-alpha.0-2.1.1 - Denial of Service via Named Fragment Expansion

CVE-2025-32032 HIGH

Apollo Router < 1.61.2 and 2.0.0-alpha.0-2.1.1 - Denial of Service via Deeply Nested Named Fragments

CVE-2025-32031 HIGH

Apollo Gateway < 2.10.1 - Denial of Service via Deeply Nested Named Fragments

CVE-2025-32030 HIGH

Apollo Gateway < 2.10.1 - Denial of Service via Named Fragment Expansion

CVE-2025-31496 HIGH

apollo-compiler < 1.27.0 - Denial of Service via Deeply Nested Named Fragments

CVE-2025-24317 MEDIUM

JTEKT ELECTRONICS HMI ViewJet C-more and GC-A2 series - Unauthenticated Denial of Service

CVE-2025-32049 HIGH

Red Hat Enterprise Linux - Denial of Service via Large WebSocket Message

CVE-2025-27556 MEDIUM

Django 5.0-5.0.13 and 5.1-5.1.7 - Denial of Service via NFKC Normalization on Windows

CVE-2025-30350 MEDIUM

Directus 9.22.0-11.5.0 - Denial of Service via HEAD Request Burst

CVE-2025-30225 MEDIUM

Directus 9.22.0-11.5.0 - Denial of Service via Malformed Transformation Requests

CVE-2025-2559 MEDIUM

Keycloak - Denial of Service via JWT Token Cache Exhaustion

CVE-2025-1451 HIGH

lollms_web_ui v13 - Denial of Service via Multipart Boundary Length Exhaustion

CVE-2025-0315 HIGH

ollama <=0.3.14 - Denial of Service via Custom GGUF Model File Upload

CVE-2025-0189 HIGH

aimstack aim 3.25.0 - Denial of Service via Large WebSocket Image Upload

CVE-2025-0182 HIGH

danswer-ai/danswer 0.9.0 - Denial of Service via SAML Callback Endpoint

CVE-2025-29770 MEDIUM

vllm < 0.8.0 - Denial of Service via Outlines Grammar Cache Exhaustion

CVE-2025-29907 HIGH

jsPDF < 3.0.1 - Denial of Service via addImage Method

CVE-2025-29786 HIGH

expr < 1.17.0 - Denial of Service via Unbounded Input Expression

CVE-2025-1257 MEDIUM

GitLab 12.3.0-17.7.6, 17.8.0-17.8.4, 17.9.0-17.9.1 - Denial of Service via API Input Manipulation

CVE-2025-20209 HIGH

Cisco IOS XR - Unauthenticated Denial of Service via Malformed IKEv2 Packets

CVE-2025-20141 HIGH

Cisco IOS XR 7.9.2 - Unauthenticated Denial of Service via Punted Packet Handling

Previous Page 27 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy