Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-48843 HIGH

ABB ASPECT/NEXUS/MATRIX Firmware < 3.08.03 - Denial of Service

CVE-2024-11316 HIGH

Fileszie Check <3.08.02 - Info Disclosure

CVE-2024-48080 HIGH

aedes 0.51.2 - Denial of Service via Crafted Request

CVE-2024-52805 HIGH

Synapse < 1.120.1 - Denial of Service via Multipart/Form-Data Request

CVE-2024-37302 HIGH

Synapse < 1.106.0 - Unauthenticated Denial of Service via Remote Media Download

CVE-2024-53981 HIGH

python-multipart < 0.0.18 - Denial of Service via Excessive Logging

CVE-2024-31669 HIGH

rizin < 0.6.3 - Uncontrolled Resource Consumption in PE Import Parser

CVE-2024-41761 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Query

CVE-2024-52804 HIGH

Tornado < 6.4.2 - Denial of Service via Malicious Cookie Header Parsing

CVE-2024-52797 MEDIUM

Opencast 11.4-13.9 - Denial of Service via Elasticsearch Query Retry Loop

CVE-2024-52581 HIGH

Litestar < 2.13.0 - Denial of Service via Multipart Form Parser

CVE-2024-48530 HIGH

eSoft Planner 3.24.08271-USA - Denial of Service via Instructor Appointment Availability POST Request

CVE-2024-52796 MEDIUM

Rubygems Pwpush < 1.49.0 - Resource Allocation Without Limits

CVE-2024-21539 HIGH

@eslint/plugin-kit < 0.2.3 - Regular Expression Denial of Service via Improper Input Sanitization

CVE-2024-50285 MEDIUM

Linux Kernel < 6.6.61 - Denial of Service via SMB Operation Memory Exhaustion

CVE-2024-50271 MEDIUM

Linux Kernel 5.14-6.1.117, 6.2-6.6.61, 6.7-6.11.8 - Resource Exhaustion via Signal Delivery

CVE-2024-52920 HIGH

Bitcoin Core < 0.20.0 - Denial of Service via Malformed GETDATA Message

CVE-2024-52918 MEDIUM

Bitcoin Core < 0.20.0 - Denial of Service via BIP21 r Parameter

CVE-2024-52917 MEDIUM

Bitcoin Core < 22.0 - Denial of Service via UPnP M-SEARCH Reply Memory Allocation

CVE-2024-52916 HIGH

Bitcoin Core < 0.15.0 - Denial of Service via Header Flood

CVE-2024-52915 HIGH

Bitcoin Core < 0.20.0 - Denial of Service via Crafted INV Message

CVE-2024-52914 HIGH

Bitcoin Core < 0.18.0 - Denial of Service via Orphan Transaction Processing

CVE-2024-52913 MEDIUM

Bitcoin Core < 0.21.0 - Unconfirmed Transaction Suppression via Mishandled Re-requests

CVE-2024-3760 HIGH

lunary < 1.2.8 - Email Bombing via Forgot Password Page

CVE-2024-4311 MEDIUM

zenml < 0.57.0rc2 - Account Takeover via Unlimited Password Change Attempts

Previous Page 33 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy