Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-50955 HIGH

XINJE XD5E-24R/XL5E-16T <3.5.3b - DoS

CVE-2024-43083 MEDIUM

Android - Denial of Service via WifiConfigurationUtil Resource Exhaustion

CVE-2024-48989 HIGH

Bosch Rexroth IndraDrive FWA-INDRV*-MP* >=17VRS <20V36 - Denial of Service via PROFINET UDP Messages

CVE-2024-21994 MEDIUM

StorageGRID < 11.9.0 - Authenticated Denial of Service

CVE-2024-51428 HIGH

Espressif ESP-IDF 5.3.0 - Denial of Service via Crafted Data Channel Packet

CVE-2024-38286 HIGH

Apache Tomcat <11.0.0-M21 - Allocation of Resources Without Limits ...

CVE-2024-48809 HIGH

sdran-in-a-box 1.4.3 and onos-a1t 0.2.3 - Denial of Service via DeleteWatcher Function

CVE-2024-51557 MEDIUM

63moons Wave 2.0 < 1.1.7 - Authenticated OTP Flooding via Missing Rate Limiting

CVE-2024-10599 MEDIUM

Tongda OA 2017-11.7 - Denial of Service in Package Static Resources Processing

CVE-2024-31152 MEDIUM

LevelOne WBR-6012 Firmware R0.40e6 - Denial of Service via Crafted HTTP Requests

CVE-2024-7807 HIGH

gaizhenbiao/chuanhuchatgpt 20240628 - Denial of Service via Multipart Boundary Processing

CVE-2024-10468 MEDIUM

Firefox < 132.0 - Memory Corruption via IndexedDB Race Condition

CVE-2024-47401 MEDIUM

Mattermost <9.10.2, 9.11.1, 9.5.9 - Info Disclosure

CVE-2024-38821 CRITICAL

Spring WebFlux - Authorization Bypass via Static Resource Handling

CVE-2024-49767 HIGH

Werkzeug <3.0.6 - DoS

CVE-2024-6826 MEDIUM

GitLab 11.2-17.3.5 17.4.0-17.4.2 17.5.0 - Denial of Service via Malicious XML Manifest Import

CVE-2024-20526 MEDIUM

Cisco Adaptive Security Appliance Software - Unauthenticated Denial of Service via SSH Message Handling

CVE-2024-31880 MEDIUM

IBM Db2 10.5.0.0-10.5.10 and 11.5-11.5.8 - Authenticated Denial of Service via Crafted SQL Statement

CVE-2024-45526 MEDIUM

OPC Foundation UA-.NETStandard <1.5.374.78 - DoS

CVE-2024-50311 MEDIUM

OpenShift Container Platform - Denial of Service via GraphQL Batch Query Aliases

CVE-2024-45797 HIGH

libhtp < 0.5.49 - Denial of Service via Unbounded HTTP Header Processing

CVE-2024-41128 MEDIUM

Rubygems Actionpack < 6.1.7.9 - Resource Allocation Without Limits

CVE-2024-47874 HIGH

Starlette < 0.40.0 - Denial of Service via Unbounded Multipart Form Data Handling

CVE-2024-8184 MEDIUM

Eclipse Jetty 9.3.12-9.4.55 and 12.0.0-12.0.8 - Unauthenticated Denial of Service via ThreadLimitHandler

CVE-2024-6762 LOW

Eclipse Jetty 10.0.0-10.0.17 - Unauthenticated Denial of Service via PushSessionCacheFilter

Previous Page 34 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy