CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,881 vulnerabilities with CWE-770
CVE-2023-3566 LOW
wallabag 2.5.4 - Resource Allocation
CVSS 3.5
CVE-2023-27540 MEDIUM
IBM Watson CP4D Data Stores 4.6.0 - Denial of Service via Resource Allocation Without Limits
CVSS 5.9
CVE-2023-36461 HIGH
Mastodon < 3.5.9 - Denial of Service via Slowloris HTTP Response
CVSS 7.5
CVE-2023-36814 HIGH
Products.CMFCore < 3.2 - Unauthenticated Denial of Service via Marshal Module Input Handling
CVSS 7.5
CVE-2023-34450 LOW
CometBFT 0.34.28 - Denial of Service via PeerState JSON Serialization Deadlock
CVSS 3.7
CVE-2023-21176 MEDIUM
Android 13 - Denial of Service via Resource Exhaustion in list_key_entries
CVSS 4.4
CVE-2023-20108 HIGH
Cisco Unified Communications Manager IM& Presence Service - DoS
CVSS 7.5
CVE-2023-32385 MEDIUM
iPadOS < 16.5 - Denial of Service via PDF File Processing
CVSS 5.5
CVE-2023-34462 MEDIUM
Netty < 4.1.94 - Denial of Service via SniHandler Heap Allocation
CVSS 6.5
CVE-2023-36357 HIGH
TP-Link TL-WR940N/TL-WR841N/TL-WR941ND - Denial of Service via LocalManageControlRpm GET Request
CVSS 7.7
CVE-2023-36371 HIGH
MonetDB Server 11.45.17 and 11.46.0 - Denial of Service via GDKfree Component
CVSS 7.5
CVE-2023-36370 HIGH
MonetDB v11.45.17 and v11.46.0 - Denial of Service via Crafted SQL Statements
CVSS 7.5
CVE-2023-36369 HIGH
MonetDB v11.45.17 and v11.46.0 - Denial of Service via list_append Component
CVSS 7.5
CVE-2023-36368 HIGH
MonetDB Server v11.45.17 and v11.46.0 - Denial of Service via cs_bind_ubat
CVSS 7.5
CVE-2023-36367 HIGH
MonetDB Server v11.45.17 and v11.46.0 - Denial of Service via BLOBcmp Component
CVSS 7.5
CVE-2023-36366 HIGH
MonetDB v11.45.17 and v11.46.0 - Denial of Service via log_create_delta Component
CVSS 7.5
CVE-2023-36365 HIGH
MonetDB v11.45.17 and v11.46.0 - Denial of Service via sql_trans_copy_key Component
CVSS 7.5
CVE-2023-2828 HIGH
BIND 9.11.0-9.16.41, 9.18.0-9.18.15, 9.19.0-9.19.13 - Denial of Service via Cache Cleaning Algorithm Bypass
CVSS 7.5
CVE-2023-34166 HIGH
Huawei EMUI - Denial of Service via Abnormal API Callbacks
CVSS 7.5
CVE-2023-30903 MEDIUM
HP-UX 11.00-11.31 - Denial of Service via IPv6 Interface Configuration
CVSS 5.5
CVE-2023-21144 HIGH
Android 11-13 - Denial of Service in NotificationContentInflater
CVSS 7.5
CVE-2023-34455 HIGH
snappy-java < 1.1.10.1 - Denial of Service via Unchecked Chunk Length
CVSS 7.5
CVE-2023-35116 MEDIUM
jackson-databind < 2.16.0 - Denial of Service via Cyclic Dependency Serialization
CVSS 4.7
CVE-2023-34396 MEDIUM
Apache Struts <= 2.5.30 and <= 6.1.2 - Denial of Service via Resource Allocation
CVSS 4.3
CVE-2023-34149 MEDIUM
Apache Struts <= 2.5.30 and <= 6.1.2 - Denial of Service via Resource Allocation
CVSS 4.3
Details
Vulnerabilities 1,881
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits