Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-789

CWE-789

Memory Allocation with Excessive Size Value

Parent: CWE-770 - Allocation of Resources Without Limits or Throttling

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

153 vulnerabilities with CWE-789

CVE-2024-2494 MEDIUM

Red Hat Enterprise Linux 6, 7, 8, 9 - Denial of Service via Negative Length in RPC Library Deserialization

CVE-2023-6516 HIGH

BIND 9.16.0-9.16.45 - Denial of Service via Cache Cleanup Event Queue Overflow

CVE-2023-52429 MEDIUM

Linux Kernel <= 6.7.4 - Denial of Service via Integer Overflow in dm_table_create

CVE-2023-3171 HIGH

JBoss Enterprise Application Platform - Denial of Service via Unchecked HashMap/HashTable Deserialization

CVE-2023-39203 MEDIUM

Zoom < 5.16.0 / VDI < 5.14.13 - Unauthenticated Information Disclosure

CVE-2023-5371 MEDIUM

Wireshark 3.6.0-3.6.16 4.0.0-4.0.8 - Denial of Service via RTPS Dissector Memory Leak

CVE-2023-0809 MEDIUM

Eclipse Mosquitto < 2.0.16 - Denial of Service via Malicious Initial Packet

CVE-2023-20202 MEDIUM

Cisco IOS XE - Unauthenticated Denial of Service via Wireless Network Control Daemon Memory Exhaustion

CVE-2023-3223 HIGH

Undertow < 2.2.24 - Denial of Service via Large Multipart Content Bypass

CVE-2023-43632 CRITICAL

LF Edge EVE < 0.0.0-20230519072751-977f42b07fa9 - Stack Overflow via VTPM Protobuf Header

CVE-2023-37279 HIGH

Faktory < 1.8.0 - Denial of Service via Days URL Query Parameter

CVE-2023-33953 HIGH

gRPC < 1.53.2 - Denial of Service via HPACK Parser Memory and CPU Exhaustion

CVE-2023-20108 HIGH

Cisco Unified Communications Manager IM& Presence Service - DoS

CVE-2023-30837 HIGH

vyper < 0.3.8 - Memory Allocation with Excessive Size Value

CVE-2023-20089 HIGH

Cisco NX-OS - Denial of Service via LLDP Packet Parsing Memory Leak

CVE-2023-24201 CRITICAL

Raffle Draw System v1.0 - SQL Injection

CVE-2022-20845 MEDIUM

Cisco NCS 4000 Series - Memory Corruption

CVE-2022-4741 MEDIUM

docconv < 1.2.1 - Uncontrolled Memory Allocation in ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText

CVE-2022-22226 MEDIUM

Juniper Junos OS 17.1R1-20.3R2 on EX4300-MP/EX4600/QFX5000 DoS via VxLAN

CVE-2022-34917 HIGH

Apache Kafka 2.8.0-2.8.1 - Unauthenticated Denial of Service via Memory Allocation

CVE-2022-36078 HIGH

binary < 0.7.1 - Denial of Service via Unchecked Slice Length in Decode Method

CVE-2022-31804 HIGH

CODESYS Gateway Server V2 - Memory Corruption

CVE-2022-30522 HIGH

Apache HTTP Server 2.4.53 - Denial of Service via mod_sed Large Input Transformation

CVE-2022-20717 MEDIUM

Cisco SD-WAN vEdge Router < 20.6 - Authenticated Denial of Service via NETCONF Process

CVE-2022-22188 HIGH

Juniper Networks Junos OS - Buffer Overflow

Previous Page 5 of 7 Next

Details

Vulnerabilities 153

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy