CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-34364 | Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response — envoy | 5.7 | Medium | 2024-06-04 |
| CVE-2024-5422 | Denial of Service — utnserver Pro | 7.5 (AI) | High (AI) | 2024-06-04 |
| CVE-2024-35221 | Denial of service when publishing a package on rubygems.org — rubygems.org | 4.3 | Medium | 2024-05-29 |
| CVE-2024-35194 | Stacklok Minder vulnerable to denial of service from maliciously crafted templates — minder | 5.3 | Medium | 2024-05-20 |
| CVE-2024-4284 | Denial of Service in mintplex-labs/anything-llm — mintplex-labs/anything-llm | 7.5 | - | 2024-05-19 |
| CVE-2024-5055 | Vulnerability of uncontrolled resource consumption in XAMPP — XAMPP | 7.5 | High | 2024-05-17 |
| CVE-2024-5052 | Resource consumption vulnerability in Cerberus FTP Enterprise — Cerberus FTP Enterprise | 7.5 | High | 2024-05-17 |
| CVE-2024-35185 | Denial of service of Minder Server with attacker-controlled REST endpoint — minder | 5.3 | Medium | 2024-05-16 |
| CVE-2024-35176 | REXML contains a denial of service vulnerability — rexml | 5.3 | Medium | 2024-05-16 |
| CVE-2023-7258 | Denial-of-Service in Gvisor — Gvisor | 4.8 | Medium | 2024-05-15 |
| CVE-2024-30019 | DHCP Server Service Denial of Service Vulnerability — Windows Server 2019 | 6.5 | Medium | 2024-05-14 |
| CVE-2024-33498 | Siemens multiple products resource management error vulnerability — SIMATIC RTLS Locating Manager | 5.3 | Medium | 2024-05-14 |
| CVE-2024-34079 | octo-sts allows unauthenticated attackers to cause unbounded CPU and memory usage — app | 3.7 | Low | 2024-05-10 |
| CVE-2024-4438 | Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform | 7.5 | High | 2024-05-08 |
| CVE-2024-4437 | Etcd: incomplete fix for cve-2021-44716 in openstack platform | 7.5 | High | 2024-05-08 |
| CVE-2024-4436 | Etcd: incomplete fix for cve-2022-41723 in openstack platform | 7.5 | High | 2024-05-08 |
| CVE-2024-1930 | No Limit on Number of Open Sessions / Bad Session Close Behaviour — dnf5daemon-server | 6.5 | Medium | 2024-05-08 |
| CVE-2023-27321 | OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability — UA .NET Standard | 7.5 (AI) | High (AI) | 2024-05-07 |
| CVE-2024-32663 | Suricata's http2 parser contains an improper compressed header handling can lead to resource starvation — suricata | 7.5 | High | 2024-05-07 |
| CVE-2024-34084 | Minder's Github Webhook Handler vulnerable to denial of service from un-validated requests — minder | 7.5 | High | 2024-05-07 |
| CVE-2024-4599 | Denial of service vulnerability in LAN Messenger — LAN Messenger | 7.5 | High | 2024-05-07 |
| CVE-2024-32972 | go-ethereum denial of service via malicious p2p message — go-ethereum | 7.5 | High | 2024-05-06 |
| CVE-2023-39477 | Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability — Ignition | 7.5 | - | 2024-05-03 |
| CVE-2023-27334 | Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability — edgeConnector Siemens | 7.5 | - | 2024-05-03 |
| CVE-2024-32984 | Yamux Memory Exhaustion Vulnerability via Active::pending_frames property — rust-yamux | 7.5 | High | 2024-05-01 |
| CVE-2024-32476 | Denial of Service via malicious jqPathExpressions in ignoreDifferences — argo-cd | 6.5 | Medium | 2024-04-26 |
| CVE-2024-4183 | Mattermost security vulnerability — Mattermost | 4.3 | Medium | 2024-04-26 |
| CVE-2024-22091 | Excessive resource consumption due to lack to request path size limits — Mattermost | 3.1 | Low | 2024-04-26 |
| CVE-2024-3508 | Bzip2: compressed content bomb leads to denial of service of bombastic api | 4.3 | Medium | 2024-04-25 |
| CVE-2023-6596 | Openshift: incomplete fix for rapid reset (cve-2023-44487/cve-2023-39325) | 7.5 | High | 2024-04-25 |

Vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.