Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-770

CWE-770

High likelihood

Allocation of Resources Without Limits or Throttling

Parent: CWE-400 - Uncontrolled Resource Consumption

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.

1,884 vulnerabilities with CWE-770

CVE-2020-10705 HIGH

Undertow < 2.1.1 - Denial of Service via Expect Header Handling

CVE-2020-13114 HIGH

libexif < 0.6.22 - Denial of Service via Canon EXIF MakerNote Data

CVE-2020-12697 MEDIUM

direct_mail < 5.2.3 - Denial of Service via Log Entry Flooding

CVE-2020-10717 LOW

QEMU 5.0-5.0.1 - Denial of Service via Virtio-fs File Descriptor Exhaustion

CVE-2020-11612 HIGH

Netty 4.1.0-4.1.45 - Unbounded Memory Allocation in ZlibDecoder

CVE-2020-8552 MEDIUM

Kubernetes <1.15.9, 1.16.0-1.16.6, 1.17.0-1.17.2 - DoS

CVE-2020-8551 MEDIUM

Kubernetes 1.15.0-1.15.9, 1.16.0-1.16.6, 1.17.0-1.17.2 - Denial of Service via Kubelet API

CVE-2020-10364 HIGH

MikroTik RouterOS <= 6.44.3 - Denial of Service via SSH Daemon Resource Exhaustion

CVE-2020-9345 MEDIUM

signotec signoPAD-API/Web < 3.1.1 - Denial of Service via Unlimited WebSocket Connections

CVE-2020-8659 HIGH

CNCF Envoy <1.13.0 - Memory Corruption

CVE-2020-7219 HIGH

HashiCorp Consul < 1.6.3 - Unauthenticated Denial of Service via Unbounded Resource Usage

CVE-2020-7218 HIGH

HashiCorp Nomad < 0.10.3 - Unauthenticated Denial of Service via Unbounded Resource Usage

CVE-2020-8416 HIGH

BearFTP < 0.2.0 - Denial of Service via PASV Mode Connection Flood

CVE-2020-7052 MEDIUM

CODESYS Control V3, Gateway V3, and HMI V3 < 3.5.15.30 - Remote Denial of Service via Uncontrolled Memory Allocation

CVE-2020-7226 HIGH

Cryptacular < 1.1.4 - Denial of Service via Excessive Memory Allocation in CiphertextHeader

CVE-2020-6610 MEDIUM

GNU LibreDWG 0.9.3.2564 - Denial of Service via Excessive Memory Allocation in read_sections_map

CVE-2019-25464 MEDIUM

InputMapper 1.6.10 - Buffer Overflow

CVE-2019-25350 HIGH

XMedia Recode 3.4.8.6 - Denial of Service via Crafted .m3u Playlist File

CVE-2019-25342 HIGH

Centova Cast 3.2.12 - Denial of Service via Database Export API Endpoint

CVE-2019-25220 HIGH

Bitcoin Core < 24.0.1 - Denial of Service via Chain Width Expansion Attack

CVE-2019-20880 HIGH

Mattermost Server < 5.8.0, < 5.7.2, < 5.6.5, < 4.10.7 - Denial of Service via OpenGraph

CVE-2019-20845 HIGH

Mattermost Server < 5.18.0 - Denial of Service via Large Slack Import

CVE-2019-20818 HIGH

Foxit Reader and PhantomPDF < 9.7 - Denial of Service via Memory Consumption

CVE-2019-20814 HIGH

Foxit PhantomPDF < 8.3.12 - Denial of Service via Memory Consumption

CVE-2019-15234 HIGH

SHAREit < 4.0.6.177 - Denial of Service via Uncontrolled Memory Allocation

Previous Page 67 of 76 Next

Details

Vulnerabilities 1,884

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy