CWE-770

Exploit likelihood: High

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,881 vulnerabilities with CWE-770
CVE-2023-29767 MEDIUM
CrossX 1.15.3 - Denial of Service via Database Files
CVSS 5.5
CVE-2023-0121 MEDIUM
GitLab CE/EE <15.10.8/<16.0.2 - DoS
CVSS 6.5
CVE-2023-2253 MEDIUM
OpenShift API for Data Protection - Denial of Service via Large 'n' Parameter in /v2/_catalog Endpoint
CVSS 6.5
CVE-2023-0921 MEDIUM
GitLab 8.3-15.10.7, 15.11-15.11.6, 16.0-16.0.1 - Authenticated Denial of Service via Large Issue Description
CVSS 4.3
CVE-2023-23603 MEDIUM
Firefox < 109 and Firefox ESR < 102.7 - Data Exfiltration via Console Log Style Directive
CVSS 6.5
CVE-2023-0616 MEDIUM
Thunderbird < 102.8 - Denial of Service via Crafted OpenPGP MIME Email
CVSS 6.5
CVE-2023-32699 MEDIUM
MeterSphere < 2.9.1 - Denial of Service via Long Password MD5 Encryption
CVSS 6.5
CVE-2023-33656 MEDIUM
NanoMQ 0.17.2 - Denial of Service via Memory Leak in message.c
CVSS 5.5
CVE-2023-29737 MEDIUM
Wave Animated Keyboard Emoji 1.70.7 - Denial of Service via Database Files
CVSS 5.5
CVE-2023-2650 MEDIUM
OpenSSL - Denial of Service via ASN.1 Object Identifier Processing
CVSS 6.5
CVE-2023-33720 MEDIUM
mp4v2 <2.1.2 - Memory Corruption
CVSS 6.5
CVE-2023-21110 HIGH
Android 11-13 - Local Privilege Escalation via SnoozeHelper Resource Exhaustion
CVSS 7.8
CVE-2023-20930 MEDIUM
Android 11-13 - Local Denial of Service via ShortcutPackage Resource Exhaustion
CVSS 5.5
CVE-2023-31914 MEDIUM
Jerryscript 3.0 - Memory Corruption
CVSS 5.5
CVE-2023-2666 HIGH
GitHub froxlor/froxlor <2.0.16 - Info Disclosure
CVSS 7.5
CVE-2023-28356 HIGH
rocket.chat < 6.0.0 - Denial of Service via Malicious Message Processing
CVSS 7.5
CVE-2023-25568 HIGH
Boxo 0.4.0-0.5.0 - Memory Exhaustion via Bitswap Server Allocation
CVSS 8.2
CVE-2023-31472 HIGH
GL.iNet Firmware < 3.216 - Unauthenticated Arbitrary File Write via Command Injection
CVSS 7.5
CVE-2023-27958 CRITICAL
macOS 11.0-11.7.4 - Denial of Service via Memory Corruption
CVSS 9.1
CVE-2023-30551 HIGH
Rekor < 1.1.1 - Denial of Service via Large Archive Metadata Files
CVSS 7.5
CVE-2023-26285 MEDIUM
IBM MQ Appliance 9.2.0.0-9.2.0.10 and 9.2.0.0-9.2.5.6 - Denial of Service via Invalid Data Processing
CVSS 5.9
CVE-2023-30455 HIGH
ebankit < 7.0 - Denial of Service via EStatementsIds Parameter
CVSS 7.5
CVE-2023-28882 HIGH
OWASP ModSecurity 3.0.5-3.0.8 - Denial of Service via Transaction Class Segfault
CVSS 7.5
CVE-2023-27556 MEDIUM
IBM Counter Fraud Management for Safer Payments DoS
CVSS 6.5
CVE-2023-29779 HIGH
Sengled E1E-G7F Firmware - Denial of Service via Malicious Zigbee Messages
CVSS 7.5