Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,881 vulnerabilities with CWE-770

CVE-2023-50247 LOW

Dena H2o < 2.2.6 - Resource Allocation Without Limits

CVE-2023-50455 HIGH

Zammad < 6.2.0 - Denial of Service via Email Address Verification Spam

CVE-2023-6337 HIGH

HashiCorp Vault <1.15.4-1.14.8-1.13.12 - DoS

CVE-2023-4486 HIGH

Johnson Controls Metasys NAE55/SNE/SNC & Facility Explorer F4-SNC <12.0.4 DoS via Invalid Credentials

CVE-2023-48831 HIGH

Availability Booking Calendar 5.0 - DoS

CVE-2023-4912 LOW

GitLab 10.5-16.4.2, 16.5-16.5.2, 16.6 - Client-Side Denial of Service via Malicious Mermaid Diagram Input

CVE-2023-34389 MEDIUM

SEL-451 Firmware - Authenticated Denial of Service via Resource Exhaustion

CVE-2023-42504 MEDIUM

Apache Superset < 3.0.0 - Authenticated Denial of Service via Concurrent Dashboard Export Requests

CVE-2023-6117 MEDIUM

M-Files Server < 23.11.13156.0 - Denial of Service via Obsolete Rest API Methods

CVE-2023-38543 HIGH

Ivanti Secure Access Client <22.6R1.1 - DoS

CVE-2023-47108 HIGH

OpenTelemetry-Go Contrib 0.37.0-0.45.0 - Unbounded Resource Allocation via gRPC Unary Server Interceptor

CVE-2023-47120 HIGH

Discourse 3.1.0-3.1.2 and 3.1.0.beta6-3.2.0.beta2 - Denial of Service via Favicon URL Oneboxing

CVE-2023-46130 MEDIUM

Discourse <3.1.3-3.2.0.beta3 - Info Disclosure

CVE-2023-5963 LOW

GitLab 13.9-16.3.6, 16.4.0-16.4.1, 16.5.0 - Denial of Service via Advanced Search Syntax Operator Chaining

CVE-2023-3246 MEDIUM

GitLab < 16.3.6, 16.4-16.4.2, 16.5-16.5.1 - Denial of Service via Sidekiq Job Processor Blocking

CVE-2023-44271 HIGH

Pillow < 10.0.0 - Denial of Service via Truetype Font Memory Allocation

CVE-2023-46695 HIGH

Django 3.2-3.2.22, 4.1-4.1.12, 4.2-4.2.6 - Denial of Service via NFKC Unicode Normalization

CVE-2023-20155 HIGH

Cisco Firepower Management Center - DoS

CVE-2023-5625 MEDIUM

Red Hat OpenShift Container Platform - Allocation of Resources Without Limits or Throttling

CVE-2023-29973 MEDIUM

pfSense 2.6.0 - Allocation of Resources Without Limits or Throttling

CVE-2023-45862 MEDIUM

Linux kernel <6.2.5 - Memory Corruption

CVE-2023-45130 HIGH

Parity Frontier < 0.1.0 - Denial of Service via Unbounded Storage Deletion in SUICIDE Opcode

CVE-2023-5573 MEDIUM

vrite < 0.3.0 - Denial of Service via Resource Exhaustion

CVE-2023-44191 HIGH

Juniper Junos OS 21.1-22.4 - Unauthenticated Denial of Service via DHCP Packet Handling

CVE-2023-5072 HIGH

JSON-Java <= 20230618 - Denial of Service via Memory Exhaustion

Previous Page 44 of 76 Next

Details

Vulnerabilities 1,881

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy