Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-400 (未加控制的资源消耗(资源穷尽)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-31994 Mealie vulnerable to a DoS in recipe image importer (GHSL-2023-228) — mealie 6.5 Medium2024-04-19
CVE-2024-31992 Mealie contains a DoS vulnerability in recipe importer — mealie 6.5 Medium2024-04-19
CVE-2024-3872 Mattermost Mobile Apps 安全漏洞 — Mattermost 3.1 Low2024-04-16
CVE-2024-1569 Uncontrolled Resource Consumption in parisneo/lollms-webui — parisneo/lollms-webui 7.5 -2024-04-16
CVE-2024-3789 Uncontrolled Resource Consumption vulnerability in WBSAirback — White Bear Solutions 6.5 Medium2024-04-15
CVE-2024-0157 Dell Storage Resource Manager 资源管理错误漏洞 — Dell Storage Resource Manager 5.9 Medium2024-04-12
CVE-2024-3569 Denial of Service (DoS) Vulnerability in mintplex-labs/anything-llm — mintplex-labs/anything-llm 7.5AIHighAI2024-04-10
CVE-2024-26215 DHCP Server Service Denial of Service Vulnerability — Windows Server 2019 7.5 High2024-04-09
CVE-2024-26212 DHCP Server Service Denial of Service Vulnerability — Windows Server 2019 7.5 High2024-04-09
CVE-2024-28949 DoS via a large number of User Preferences — Mattermost 4.3 Medium2024-04-05
CVE-2024-31209 OpenID Connect client Atom Exhaustion in provider configuration worker ets table location — oidcc 5.3 Medium2024-04-04
CVE-2024-29893 Uncontrolled Resource Consumption vulnerability in ArgoCD's repo server — argo-cd 6.5 Medium2024-03-29
CVE-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability — Elasticsearch 4.9 Medium2024-03-27
CVE-2023-47150 IBM Common Cryptographic Architecture denial of service — Common Cryptographic Architecture 7.5 High2024-03-26
CVE-2023-5685 Xnio: stackoverflowexception when the chain of notifier states becomes problematically big — Red Hat build of Apache Camel 4.4.0 for Spring Boot 7.5 High2024-03-22
CVE-2024-29186 Slow String Operations via MultiPart Requests in Event-Driven Functions — bref 5.3 Medium2024-03-22
CVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation — node-tar 6.5 Medium2024-03-21
CVE-2023-49837 WordPress embed-code plugin <= 2.3.6 - Denial of Service Attack vulnerability — Code Embed 5.3AIMediumAI2024-03-21
CVE-2024-27085 Denial of service through invites in Discourse — discourse 6.5 Medium2024-03-15
CVE-2024-27100 Denial of service via Staff Actions in Discourse — discourse 6.5 Medium2024-03-15
CVE-2024-24827 No rate limits on POST /uploads endpoint in Discourse — discourse 5.3 Medium2024-03-15
CVE-2024-28854 Slow loris vulnerability with default configuration in tls-listener — tls-listener 7.5 High2024-03-15
CVE-2024-2446 Mattermost 安全漏洞 — Mattermost 4.3 Medium2024-03-15
CVE-2024-28053 Resource Exhaustion via the Invitation Feature — Mattermost 3.1 Low2024-03-15
CVE-2024-24975 Denial of Service for mobile app users due to automatic code highlighting — Mattermost Mobile 3.5 Low2024-03-15
CVE-2024-1410 Unbounded storage of information related to connection ID retirement, in quiche — quiche 3.7 Low2024-03-12
CVE-2024-1765 Unlimited resource allocation by QUIC CRYPTO frames flooding in quiche — quiche 5.9 Medium2024-03-12
CVE-2024-26190 Microsoft QUIC Denial of Service Vulnerability — Microsoft Visual Studio 2022 version 17.9 7.5 High2024-03-12
CVE-2024-21392 .NET and Visual Studio Denial of Service Vulnerability — Microsoft Visual Studio 2022 version 17.9 7.5 High2024-03-12
CVE-2024-28122 JWX vulnerable to a denial of service attack using compressed JWE message — jwx 6.8 Medium2024-03-09

Vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.