Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-58259 HIGH

Rancher 2.9.0-2.9.10, 2.10.0-2.10.8, 2.11.0-2.11.4, 2.12.0 - Denial of Service via Unrestricted Request Body Size

CVE-2024-38335 MEDIUM

IBM Security QRadar Network Threat Analytics <1.4 - DoS

CVE-2024-58114 MEDIUM

HarmonyOS - Denial of Service via ArkUI Framework Resource Allocation

CVE-2024-7803 MEDIUM

GitLab 11.6-17.10.6, 17.11-17.11.2, 18.0 - Denial of Service via Discord Webhook Integration

CVE-2024-8973 MEDIUM

GitLab 17.1-17.9.7, 17.10-17.10.5, 17.11-17.11.1 - Denial of Service via GitHub Import Request

CVE-2024-51461 MEDIUM

IBM QRadar WinCollect 10.0-10.1.13 - Denial of Service via HTTP Request Interruption

CVE-2024-45700 MEDIUM

Zabbix 6.0.0-6.0.38 - Denial of Service via Memory Exhaustion

CVE-2024-10307 MEDIUM

GitLab 12.10-17.8.5, 17.9-17.9.2, 17.10 - Uncontrolled CPU Consumption via Malicious Merge Request File

CVE-2024-45484 HIGH

B&R APROL < 4.4-00P5 - Unauthenticated Denial of Service via Network Configuration

CVE-2024-9437 HIGH

SuperAGI v0.0.14 - Unauthenticated Denial of Service via Multipart Boundary Processing

CVE-2024-9229 HIGH

quivr-core - Unauthenticated Denial of Service via Multipart Boundary Manipulation

CVE-2024-9056 HIGH

BentoML v1.3.4post1 - Unauthenticated Denial of Service via Multipart Boundary Processing

CVE-2024-8984 HIGH

litellm < 1.65.4 - Unauthenticated Denial of Service via Multipart Boundary Processing

CVE-2024-8966 HIGH

gradio/video 0.10.2 - Denial of Service via Multipart Boundary Processing

CVE-2024-8028 HIGH

danswer-ai/danswer < latest - Denial of Service via Malformed Multipart Boundary

CVE-2024-8018 HIGH

privategpt 0.5.0 - Denial of Service via Multipart Boundary Processing

CVE-2024-7983 HIGH

open-webui 0.3.8 - Unauthenticated Denial of Service via Markdown to HTML Conversion

CVE-2024-7768 HIGH

h2oai/h2o-3 3.46.1 - Denial of Service via Recursive Path Parameter in ImportFiles Endpoint

CVE-2024-12778 HIGH

aim 3.25.0 - Denial of Service via Excessive Metrics Request

CVE-2024-12537 HIGH

open-webui 0.3.32 - Unauthenticated Denial of Service via Code Format Endpoint

CVE-2024-11171 HIGH

librechat < 0.7.6 - Unauthenticated Denial of Service via Unrestricted File Upload Size

CVE-2024-10935 HIGH

stable-diffusion-webui 1.10.0 - Unauthenticated Denial of Service via Malformed Multipart Boundary

CVE-2024-10714 HIGH

gpt_academic 3.83 - Denial of Service via Multipart Boundary Character Overflow

CVE-2024-10713 HIGH

szad670401/hyperlpr 3.0 - Unauthenticated Denial of Service via Malformed Multipart Boundary

CVE-2024-10650 HIGH

ChuanhuChatGPT 20240918 - Unauthenticated Denial of Service via Multipart Boundary Payload

Previous Page 30 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy