CWE-789

Memory Allocation with Excessive Size Value

Parent: CWE-770 - Allocation of Resources Without Limits or Throttling

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

153 vulnerabilities with CWE-789
CVE-2017-20016 MEDIUM
WEKA INTEREST Security Scanner <1.8 - DoS
CVSS 4.3
CVE-2017-7652 HIGH
Eclipse Mosquitto 1.0-1.4.14 - Denial of Service via Configuration Reload
CVSS 7.5
CVE-2017-7651 HIGH
Eclipse Mosquitto < 1.4.14 - Unauthenticated Denial of Service via MQTT Connection Flood
CVSS 7.5
Details
Vulnerabilities 153
Links
MITRE CWE Entry Search this CWE With Exploits