Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,881 vulnerabilities with CWE-770

CVE-2023-38039 HIGH

curl 7.84.0-8.2.0 - Denial of Service via Unbounded HTTP Response Header Storage

CVE-2023-4578 MEDIUM

Firefox < 117.0, Firefox ESR < 115.2, Thunderbird < 115.2 - Denial of Service via RegExp Syntax Error Mishandling

CVE-2023-39322 HIGH

GO < 1.21.1 - Resource Allocation Without Limits

CVE-2023-34994 LOW

OAS Platform 18.00.0072 - Improper Resource Allocation via Configuration Management

CVE-2023-4647 MEDIUM

GitLab 15.2-16.1.4, 16.2-16.2.4, 16.3 - Denial of Service via Projects API Pagination Bypass

CVE-2023-40710 MEDIUM

opto22 SNAP PAC S1 Firmware R10.3b - Denial of Service via HTTP GET Request Flood

CVE-2023-40709 MEDIUM

opto22 SNAP PAC S1 Firmware R10.3b - Denial of Service via ICMP Request Flood

CVE-2023-33953 HIGH

gRPC < 1.53.2 - Denial of Service via HPACK Parser Memory and CPU Exhaustion

CVE-2023-39533 HIGH

go-libp2p < 0.27.8 - Resource Exhaustion via Large RSA Key Signature Verification

CVE-2023-39269 HIGH

Siemens RUGGEDCOM ROS < 4.3.8 - Denial of Service via Web Server

CVE-2023-38532 LOW

Parasolid <V34.1.258, V35.0.254, V35.1.171 - Buffer Overflow

CVE-2023-4138 MEDIUM

rdiffweb < 2.8.0 - Denial of Service via Resource Exhaustion

CVE-2023-29408 MEDIUM

golang/image < 0.10.0 - Denial of Service via TIFF Tile Decompression

CVE-2023-4011 MEDIUM

GitLab 15.11-16.2.2 - Denial of Service via Resource Consumption Spike

CVE-2023-4046 MEDIUM

Firefox < 116 - Denial of Service via WASM JIT Analysis

CVE-2023-38684 MEDIUM

Discourse <3.0.6-3.1.0.beta7 - Info Disclosure

CVE-2023-38498 MEDIUM

Discourse <3.0.6-3.1.0.beta7 - Info Disclosure

CVE-2023-37906 MEDIUM

Discourse < 3.0.6 - Denial of Service via Crafted Edit Reason

CVE-2023-38492 MEDIUM

Kirby < 3.5.8.3, < 3.6.6.3, < 3.7.5.2, < 3.8.4.1, < 3.9.6 - Denial of Service via Excessive Password Length

CVE-2023-37900 LOW

Crossplane < 1.11.5, 1.12.3, 1.13.0 - Denial of Service via Large Package Image Parsing

CVE-2023-3242 HIGH

B&R Industrial Automation Automation Runtime <G4.93 - DoS

CVE-2023-32481 MEDIUM

Dell Wyse Management Suite < 4.0 - Authenticated Denial of Service via SMTP Request Flood

CVE-2023-38405 HIGH

Crestron 3-Series <1.8001.0187 - Buffer Overflow

CVE-2023-29449 MEDIUM

Zabbix < 5.0.31 - Authenticated Resource Exhaustion via JavaScript Preprocessing

CVE-2023-36521 HIGH

SIMATIC MV540 H/S, MV550 H/S, MV560 U/X < 3.3.4 - Denial of Service via Result Synchronization Server

Previous Page 46 of 76 Next

Details

Vulnerabilities 1,881

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy