Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,884 vulnerabilities with CWE-770

CVE-2020-35534 MEDIUM

LibRaw - Memory Corruption in crxFreeSubbandData Function

CVE-2020-14322 HIGH

Moodle 3.5.0-3.5.12, 3.7.0-3.7.6, 3.8.0-3.8.3, 3.9.0 - Denial of Service via YUI Combo File Loading

CVE-2020-9059 MEDIUM

Silicon Labs 500 Series Firmware - Uncontrolled Resource Consumption via S0 Authentication

CVE-2020-35210 MEDIUM

Atomix < 3.1.5 - Denial of Service via Raft Session Flooding

CVE-2020-18899 MEDIUM

Exiv2 0.27 - Denial of Service via Uncontrolled Memory Allocation in DataBuf Function

CVE-2020-19464 MEDIUM

PDF2JSON - Denial of Service via XRef::fetch Stack Overflow

CVE-2020-19463 MEDIUM

PDF2JSON 0.70 - Denial of Service via vfprintf Stack Overflow

CVE-2020-28400 HIGH

Siemens SCALANCE and RUGGEDCOM Firmware - Unauthenticated Denial of Service via DCP Reset Packet Flood

CVE-2020-28200 MEDIUM

Dovecot < 2.3.15 - Uncontrolled Resource Consumption in Sieve Engine

CVE-2020-14336 MEDIUM

OpenShift Container Platform - Denial of Service via Custom Network Packet Crafting

CVE-2020-22785 HIGH

Etherpad < 1.8.3 - Denial of Service via Pad Import Endpoint

CVE-2020-24994 HIGH

libass < 0.15.0 - Stack Overflow in parse_tag Function

CVE-2020-28491 HIGH

jackson-dataformats-binary < 2.11.4 - Denial of Service via Unchecked Byte Buffer Allocation

CVE-2020-24685 HIGH

ABB AC500 CPU Firmware < 2.8.5 - Unauthenticated Denial of Service via Crafted Network Packet

CVE-2020-36049 HIGH

socket.io-parser < 3.4.1 - Denial of Service via Large Packet Memory Consumption

CVE-2020-35896 HIGH

Ws-rs < 0.9.1 - Resource Allocation Without Limits

CVE-2020-5806 MEDIUM

FactoryTalk Linx - Memory Corruption

CVE-2020-5802 HIGH

FactoryTalk <6.11 - Memory Corruption

CVE-2020-35359 HIGH

Pure-FTPd 1.0.48 - Denial of Service via Connection Limit Exhaustion

CVE-2020-24658 HIGH

Arm Compiler 5-5.06u6 - Buffer Overflow

CVE-2020-29487 HIGH

Xen XAPI <2020-12-15 - Info Disclosure

CVE-2020-29486 MEDIUM

Xen < 4.14.0 - Denial of Service via Xenstore Node Ownership Quota Manipulation

CVE-2020-29570 MEDIUM

Xen 4.4.0-4.13.x - Denial of Service via Per-vCPU Control Block Mapping

CVE-2020-29568 MEDIUM

Xen < 4.14.1 - Denial of Service via Unbounded Watch Event Queue

CVE-2020-29567 MEDIUM

Xen < 4.14.0 - Denial of Service via IRQ Vector De-allocation

Previous Page 65 of 76 Next

Details

Vulnerabilities 1,884

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy