Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-10225 HIGH

hliu/llava v1.2.0 - Denial of Service via Multipart Boundary Processing

CVE-2024-10051 HIGH

Realchar v0.0.4 - Unauthenticated Denial of Service via Multipart Boundary Processing

CVE-2024-13054 MEDIUM

GitLab < 17.7.7, 17.8 < 17.8.5, 17.9 < 17.9.2 - Denial of Service

CVE-2024-58089 MEDIUM

Linux Kernel 5.0-6.12.16, 6.13.0-6.13.4 - Denial of Service via Btrfs Ordered Extent Accounting Race

CVE-2024-57972 MEDIUM

Microsoft HoloLens <10.0.17763.3046-10.0.22621.1244 - DoS

CVE-2024-46933 HIGH

Atos Eviden BullSequana XH2140 BMC <C4EM-125 - DoS

CVE-2024-49589 MEDIUM

com.palantir.artifacts:artifacts < 0.1337.0 - Denial of Service via User-Supplied Size Argument

CVE-2024-12379 MEDIUM

GitLab 14.1-17.6.4, 17.7-17.7.3, 17.8-17.8.1 - Denial of Service via Personal Access Token Scopes Parameter

CVE-2024-37358 HIGH

Apache James Server < 3.7.6 - Denial of Service via IMAP Literals Abuse

CVE-2024-38316 MEDIUM

IBM Aspera Shares <1.10.0 PL6 - DoS

CVE-2024-2878 HIGH

GitLab 15.7-16.9.6, 16.10-16.10.4, 16.11-16.11.1 - Denial of Service via Crafted Branch Name Search

CVE-2024-9631 HIGH

GitLab CE/EE <17.2.9-17.4.2 - Info Disclosure

CVE-2024-12705 HIGH

BIND 9 9.18.0-9.18.32, 9.20.0-9.20.4, 9.21.0-9.21.3, 9.18.11-S1-9.18.32-S1 DoS via DNS-over-HTTPS HTTP/2 Flood

CVE-2024-56316 HIGH

AXESS ACS <= 5.2.0 - Unauthenticated Denial of Service via TR069 API

CVE-2024-54497 MEDIUM

Apple iPadOS < 17.7.4 - Denial of Service via Web Content Processing

CVE-2024-55195 HIGH

OpenImageIO v3.1.0.0dev - Denial of Service via Allocation-Size-Too-Big in imagebuf.cpp

CVE-2024-43708 MEDIUM

Kibana < 7.17.23 - Denial of Service via Crafted Payload to UI Inputs

CVE-2024-52972 MEDIUM

Kibana < 7.17.23 - Denial of Service via Crafted Request to /api/metrics/snapshot

CVE-2024-57722 HIGH

lunasvg 3.0.0 - Denial of Service via plutovg_surface_create

CVE-2024-52973 MEDIUM

Kibana < 7.17.23 - Denial of Service via /api/log_entries/summary Request

CVE-2024-43709 MEDIUM

Elasticsearch 7.17.0-7.17.20 - Denial of Service via SQL Function Query

CVE-2024-41743 HIGH

IBM TXSeries for Multiplatforms 10.1 - Denial of Service via Persistent Connections

CVE-2024-41742 HIGH

IBM TXSeries for Multiplatforms 10.1 - Denial of Service via Slowloris-Type Attack

CVE-2024-45662 HIGH

IBM Safer Payments 6.4.0.00-6.4.2.07, 6.5.0.00-6.5.0.05, 6.6.0.00-6.6.0.03 - Denial of Service via Resource Allocation

CVE-2024-36403 MEDIUM

matrix-media-repo < 1.3.5 - Unauthenticated Resource Consumption via Remote Media Download

Previous Page 31 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy