Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-38535 HIGH

Suricata <6.0.20-7.0.6 - Memory Corruption

CVE-2024-38534 HIGH

Suricata < 7.0.6 - Denial of Service via Crafted Modbus Traffic

CVE-2024-6037 CRITICAL

gaizhenbiao/chuanhuchatgpt 20240410 - Unauthenticated Arbitrary Folder Creation and Denial of Service

CVE-2024-31314 MEDIUM

Android - Denial of Service via ShortcutService Resource Exhaustion

CVE-2024-6600 MEDIUM

Firefox < 128 and ESR < 115.13 - Out-of-Bounds Access via Large GLSL Shader Allocation

CVE-2024-6598 MEDIUM

KNIME Business Hub 1.10.0-1.10.1 - DoS

CVE-2024-39876 MEDIUM

SINEMA Remote Connect Server < 3.2 SP1 - Unauthenticated Denial of Service via Log Rotation Resource Exhaustion

CVE-2024-33862 HIGH

OPCFoundation.NetStandard.Opc.Ua.Core < 1.5.374.54 - Denial of Service via Excessive Message Buffer Allocation

CVE-2024-39484 MEDIUM

Linux Kernel < 2.6.33 - Resource Leak via MMC Davinci Driver Remove Function

CVE-2024-39482 MEDIUM

Linux Kernel - Denial of Service via Variable Length Array Abuse in btree_iter

CVE-2024-39478 MEDIUM

Linux Kernel - Allocation of Resources Without Limits or Throttling in RSA Text Data Buffer

CVE-2024-39477 MEDIUM

Linux Kernel 6.9-6.9.4 - Denial of Service via Hugepage Reservation Handling

CVE-2024-39474 MEDIUM

Linux Kernel < 5.17 - Denial of Service via vmalloc __GFP_NOFAIL OOM Bypass

CVE-2024-39472 MEDIUM

Linux Kernel - Out-of-Bounds Access via XFS Log Recovery Buffer Allocation

CVE-2024-6427 HIGH

MESbook 20221021.03 - Uncontrolled Resource Consumption

CVE-2024-37298 HIGH

gorilla/schema < 1.4.1 - Memory Exhaustion via Sparse Slice Allocation

CVE-2024-34703 HIGH

Botan < 2.19.4 and 3.0.0-alpha0-3.3.0 - Asymmetric Resource Consumption via Explicit Elliptic Curve Parameter Parsing

CVE-2024-38528 HIGH

ntpd-rs 0.3.1-1.1.2 - Unauthenticated Denial of Service via NTS-KE Connection Flood

CVE-2024-35116 MEDIUM

IBM MQ 9.0.0.0-9.0.0.25 and 9.3.0.0-9.3.x.x - Denial of Service via Configuration Change Error

CVE-2024-31919 MEDIUM

IBM MQ 9.0-9.3 - Denial of Service via MQBUFMH API Exit Message Processing

CVE-2024-37681 MEDIUM

Shanxi Internet Chuangxiang Tech <v1.0.1 - DoS

CVE-2024-34027 HIGH

Linux Kernel 5.8-6.9.3 Filesystem Metadata Corruption via Compression Block Race Condition

CVE-2024-6176 MEDIUM

LG SuperSign CMS 4.1.3-< 4.3.1 - Port Scanning via Resource Allocation Without Limits

CVE-2024-5208 MEDIUM

AnythingLLM < 1.0.0 - Authenticated Denial of Service via Upload-Link Endpoint

CVE-2024-37309 MEDIUM

CrateDB < 5.7.2 - Denial of Service via TLS Renegotiation

Previous Page 37 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy