Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-31881 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Authenticated Denial of Service via Crafted Query on Columnar Tables

CVE-2024-28762 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Query

CVE-2024-34055 MEDIUM

Cyrus IMAP <3.8.3, <3.10.0-rc1 - Memory Corruption

CVE-2024-32871 HIGH

pimcore 11.0.0-11.2.3 - Denial of Service via Thumbnail Generation

CVE-2024-36378 MEDIUM

JetBrains TeamCity <2024.03.2 - DoS

CVE-2024-35238 MEDIUM

Minder < 0.0.51 - Denial of Service via GitHub Attestations Endpoint

CVE-2024-35231 HIGH

rack-contrib < 2.5.0 - Denial of Service via Unconstrained profiler_runs Parameter

CVE-2024-2874 MEDIUM

GitLab < 16.10.6, 16.11 < 16.11.3, 17.0 < 17.0.1 - Denial of Service via Runner Description

CVE-2024-31617 MEDIUM

OpenLiteSpeed <1.8.1 - Info Disclosure

CVE-2024-35969 MEDIUM

Linux Kernel Use-After-Free in IPv6 Address Handling

CVE-2024-35185 MEDIUM

Minder < 0.0.49 - Denial of Service via REST Ingester Large Response

CVE-2024-35176 MEDIUM

REXML < 3.2.7 - Denial of Service via Malformed XML Attribute

CVE-2024-34358 MEDIUM

TYPO3 <9.5.48 ELTS, <10.4.45 ELTS, <11.5.37 LTS, <12.4.15 LTS, <13....

CVE-2024-33495 MEDIUM

SIMATIC RTLS Locating Manager -<V3.0.1.1 - Info Disclosure

CVE-2024-25969 MEDIUM

Dell PowerScale OneFS 8.2.x-9.7.0.1 - Unauthenticated Denial of Service via Resource Allocation

CVE-2024-4539 MEDIUM

GitLab 15.4-16.9.6, 16.10-16.10.4, 16.11-16.11.1 - Denial of Service via API Branch and Tag Filtering

CVE-2024-32874 MEDIUM

Frigate < 0.13.2 - Denial of Service via Large Unicode Filename

CVE-2024-2454 MEDIUM

GitLab 15.11-16.9.6, 16.10-16.10.4, 16.11-16.11.1 - Denial of Service via Pins Endpoint

CVE-2024-28760 MEDIUM

IBM App Connect Enterprise 11.0.0.1-11.0.0.25 & 12.0.1.0-12.0.12.0 DoS via Dashboard

CVE-2024-27804 MEDIUM

iPadOS < 17.5 - Denial of Service via Improper Memory Handling

CVE-2024-0027 MEDIUM

Android - Local Denial of Service via SnoozeHelper Resource Exhaustion

CVE-2024-0026 MEDIUM

Android - Denial of Service via Resource Exhaustion in SnoozeHelper

CVE-2024-32663 HIGH

Suricata 6.0.0-6.0.18 - Denial of Service via HTTP/2 Memory Exhaustion

CVE-2024-4140 HIGH

Email-MIME < 1.954 - Denial of Service via Excessive Memory Use in MIME Message Parsing

CVE-2024-4029 MEDIUM

Wildfly - Denial of Service via Unlimited Management Interface Sockets

Previous Page 38 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy