Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,867 vulnerabilities with CWE-770

CVE-2024-22255 HIGH

VMware ESXi, Workstation, and Fusion - Info Disclosure

CVE-2024-1953 MEDIUM

Mattermost <8.1.9, <9.2.5, 9.3.0, <9.4.2 - DoS

CVE-2024-26461 HIGH

MIT Kerberos 5 1.21.2 - Memory Leak in k5sealv3.c

CVE-2024-20321 HIGH

Cisco NX-OS - Unauthenticated Denial of Service via eBGP Traffic Rate-Limiter Exhaustion

CVE-2024-23837 HIGH

libhtp < 0.5.46 - Denial of Service via HTTP Header Processing

CVE-2024-23836 HIGH

Suricata < 6.0.16 and 7.0.3 - Denial of Service via Resource Exhaustion

CVE-2024-23835 HIGH

Suricata 7.0.0-7.0.2 - Denial of Service via PostgreSQL Parser Memory Exhaustion

CVE-2024-22201 HIGH

Eclipse Jetty 9.3.0-9.4.53, 10.0.8-10.0.19, 12.0.0-12.0.5 - Denial of Service via HTTP/2 SSL Connection Leak

CVE-2024-0563 MEDIUM

M-Files Server < 24.2 - Unauthenticated Denial of Service

CVE-2024-26265 MEDIUM

Liferay Portal 7.2.0-7.4.3.15 & DXP <7.4 U16 - Authenticated Arbitrary File Upload

CVE-2024-25978 HIGH

moodle 4.1.0-4.1.8 and 4.3.0-4.3.2 - Denial of Service via File Picker Unzip Functionality

CVE-2024-26308 MEDIUM

Apache Commons Compress 1.21-1.25 - Allocation of Resources Without Limits or Throttling

CVE-2024-20968 MEDIUM

MySQL Server 8.0.0-8.0.34 and 8.1.0 - Denial of Service in Server Options

CVE-2024-23979 HIGH

F5 BIG-IP - Denial of Service via SSL Client Certificate LDAP or CRLDP Authentication

CVE-2024-21771 HIGH

F5 Big-ip Advanced Firewall Manager < 15.1.9 - Resource Allocation Without Limits

CVE-2024-21875 MEDIUM

Badge Team Hacker Hotel Badge 2024 0.1.0-0.1.3 - Denial of Service via Resource Flooding

CVE-2024-1066 MEDIUM

GitLab 13.3.0-16.6.6, 16.7.0-16.7.4, 16.8.0-16.8.1 - Resource Exhaustion via GraphQL vulnerabilitiesCountByDay

CVE-2024-25143 MEDIUM

Liferay Digital Experience Platform 7.2.0-7.3.6 - Authenticated Denial of Service via PNG Preview Generation

CVE-2024-24752 MEDIUM

Bref < 2.1.13 - Denial of Service via Multipart File Upload Temporary File Accumulation

CVE-2024-23826 MEDIUM

spbu_se_site < 2024.01.29 - Authenticated Denial of Service via Large Unicode Filename Upload

CVE-2024-23820 MEDIUM

OpenFGA < 1.4.3 - Denial of Service via ListObjects Memory Leak

CVE-2024-21655 MEDIUM

Discourse < 3.1.4 - Unauthenticated Resource Exhaustion via Client-Editable Fields

CVE-2024-21604 HIGH

Juniper Junos OS Evolved - Unauthenticated Denial of Service via Kernel Resource Exhaustion

CVE-2024-22164 MEDIUM

Splunk Enterprise Security < 7.1.2 - Denial of Service via Investigation Attachment Endpoint

CVE-2024-0241 HIGH

Diaconou Encodedid < 1.0.0 - Denial of Service

Previous Page 41 of 75 Next

Details

Vulnerabilities 1,867

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy