CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,881 vulnerabilities with CWE-770
CVE-2022-20492 HIGH
Android - Local Privilege Escalation via Resource Exhaustion in AutomaticZenRule
CVSS 7.8
CVE-2022-20490 HIGH
Android - Local Privilege Escalation via Resource Exhaustion in AutomaticZenRule
CVSS 7.8
CVE-2022-20489 HIGH
Android - Local Privilege Escalation via Resource Exhaustion in AutomaticZenRule
CVSS 7.8
CVE-2022-20456 HIGH
Android - Local Privilege Escalation via AutomaticZenRule Resource Exhaustion
CVSS 7.8
CVE-2022-45434 MEDIUM
Dahua DSS Server - Unauthenticated ICMP Request Flooding via Unthrottled Interface
CVSS 5.9
CVE-2022-4723 MEDIUM
rdiffweb < 2.5.5 - Denial of Service via Resource Exhaustion
CVSS 6.5
CVE-2022-42531 HIGH
Android - Local Privilege Escalation via Permissive Memory Allocation in mmu_map_for_fw
CVSS 7.8
CVE-2022-23524 MEDIUM
Helm < 3.10.3 - Denial of Service via strvals Package Stack Overflow
CVSS 5.3
CVE-2022-41288 LOW
JT2Go, Teamcenter Visualization <V14.1.0.6 - DoS
CVSS 3.3
CVE-2022-20487 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20486 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20485 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20484 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20480 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20479 HIGH
Android 10-13 - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-20478 HIGH
Android - Local Privilege Escalation via NotificationChannel Resource Exhaustion
CVSS 7.8
CVE-2022-22488 MEDIUM
IBM Power System AC922 Firmware OP910 < OP910.70 and OP940 < OP940.40 DoS via CA Certificate Upload/Deletion
CVSS 4.9
CVE-2022-41717 MEDIUM
Go Server < - Memory Corruption
CVSS 5.3
CVE-2022-23492 HIGH
libp2p < 0.18.0 - Resource Exhaustion via Connection and Stream Management
CVSS 7.5
CVE-2022-23487 HIGH
libp2p < 0.38.0 - Resource Exhaustion via Connection and Stream Management
CVSS 7.5
CVE-2022-23486 HIGH
libp2p < 0.45.1 - Denial of Service via Memory Allocation Exhaustion
CVSS 7.5
CVE-2022-46159 MEDIUM
Discourse <2.8.13 & <2.9.0.beta14 - Info Disclosure
CVSS 4.3
CVE-2022-41921 LOW
Discourse < 2.9.0.beta13 - Denial of Service via Unlimited Chat Message Length
CVSS 3.5
CVE-2022-41932 HIGH
XWiki < 13.10.8 - Denial of Service via Crafted User Identifier in Login Form
CVSS 7.5
CVE-2022-4045 LOW
Mattermost < 7.1.4 - Authenticated Denial of Service via API Endpoint
CVSS 3.1
Details
Vulnerabilities 1,881
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits