Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-789

CWE-789

Memory Allocation with Excessive Size Value

Parent: CWE-770 - Allocation of Resources Without Limits or Throttling

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

153 vulnerabilities with CWE-789

CVE-2025-4605 MEDIUM

Autodesk Maya 2025-2025.3.1 - Denial of Service via Malicious .usdc File

CVE-2025-2518 MEDIUM

IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.1 - Denial of Service via Specially Crafted Query

CVE-2025-3632 HIGH

IBM 4769 Developers Toolkit 7.0.0-7.5.52 - Denial of Service via Excessive Memory Allocation

CVE-2025-20140 HIGH

Cisco IOS XE - Denial of Service via IPv6 Network Requests

CVE-2025-27533 HIGH

Apache ActiveMQ 5.16.0-5.16.7, 5.17.0-5.17.6, 5.18.0-5.18.6 - Denial of Service via OpenWire Buffer Size Validation

CVE-2025-43857 MEDIUM

Net::IMAP DoS via Malicious Server Literal Byte Count

CVE-2025-32386 MEDIUM

Helm < 3.17.3 - Denial of Service via Malicious Chart Archive Expansion

CVE-2025-30211 HIGH

Erlang/OTP <27.3.1, 26.2.5.10, 25.3.2.19 - Memory Corruption

CVE-2025-29491 MEDIUM

libming v0.48 - Denial of Service via Crafted SWF File in parseSWF_DEFINEBINARYDATA

CVE-2025-26618 HIGH

Erlang/OTP 25.3.2.18-27.2.3 - Authenticated Denial of Service via SFTP Packet Size Mismatch

CVE-2025-25186 MEDIUM

Net::IMAP 0.3.2-0.3.7, 0.4.0-0.4.18, 0.5.0-0.5.5 - Denial of Service via Memory Exhaustion in Response Parser

CVE-2025-20165 HIGH

Cisco BroadWorks Network Server < 2024.11 - Unauthenticated Denial of Service via SIP Request Memory Exhaustion

CVE-2024-52791 MEDIUM

Matrix Media Repo <1.3.8 - Info Disclosure

CVE-2024-41762 MEDIUM

IBM Db2 10.5.0-10.5.10 - Denial of Service via Specially Crafted Query

CVE-2024-37071 MEDIUM

IBM Db2 10.5.0-10.5.10 - Authenticated Denial of Service via Specially Crafted Query

CVE-2024-41761 MEDIUM

IBM Db2 10.5, 11.1, 11.5 - Denial of Service via Crafted Query

CVE-2024-20260 HIGH

Cisco Adaptive Security Appliance (ASA) Software - Denial of Service via SSL/TLS Connection Flood

CVE-2024-43484 HIGH

.NET Framework - Denial of Service via Inefficient Algorithmic Complexity

CVE-2024-40680 MEDIUM

IBM MQ 9.3 CD and 9.4 LTS/CD - Denial of Service via Improper Memory Allocation

CVE-2024-37529 MEDIUM

IBM Db2 11.1-11.5 - Authenticated Denial of Service via Crafted Query

CVE-2024-35152 MEDIUM

IBM Db2 - Denial of Service via Specially Crafted Query

CVE-2024-41132 MEDIUM

ImageSharp < 2.1.9 - Denial of Service via Gif Decoder

CVE-2024-35116 MEDIUM

IBM MQ 9.0.0.0-9.0.0.25 and 9.3.0.0-9.3.x.x - Denial of Service via Configuration Change Error

CVE-2024-37168 MEDIUM

@grpc/grps-js <1.10.9, 1.9.15, 1.8.22 - Memory Corruption

CVE-2024-32035 MEDIUM

ImageSharp < 2.1.8 - Denial of Service via Excessive Memory Usage in Image Decoders

Previous Page 4 of 7 Next

Details

Vulnerabilities 153

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy