Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-400 (未加控制的资源消耗(资源穷尽)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-28176 jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext — jose 4.9 Medium2024-03-09
CVE-2022-43880 IBM QRadar WinCollect Agent — QRadar WinCollect Agent 4.4 Medium2024-03-03
CVE-2024-1953 Mattermost 安全漏洞 — Mattermost 4.3 Medium2024-02-29
CVE-2024-24988 Excessive resource consumption when sending long emoji names in user custom status — Mattermost 4.3 Medium2024-02-29
CVE-2024-26141 Possible DoS Vulnerability with Range Header in Rack — rack 5.8 Medium2024-02-28
CVE-2024-20344 Cisco UCS 6400 Series Fabric Interconnects 安全漏洞 — Cisco Unified Computing System (Managed) 5.3 Medium2024-02-28
CVE-2024-20321 Cisco NX-OS Software 安全漏洞 — Cisco NX-OS Software 8.6 High2024-02-28
CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens` — es5-ext--2024-02-26
CVE-2024-22201 Jetty connection leaking on idle timeout when TCP congested — jetty.project 7.5 High2024-02-26
CVE-2024-23835 Suricata's pgsql: memory exhaustion use on record parsing — suricata 7.5 High2024-02-26
CVE-2024-1635 Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol 7.5 High2024-02-19
CVE-2024-25978 Msa-24-0001: denial of service risk in file picker unzip functionality 7.5 High2024-02-19
CVE-2024-24750 Backpressure request ignored in fetch() in Undici — undici 6.5 Medium2024-02-16
CVE-2024-20716 Force high-usage of resources by generating unlimited coupons: Adobe Commerce — Adobe Commerce 4.9 Medium2024-02-15
CVE-2024-25617 Denial of Service in HTTP Header parser in squid proxy — squid 5.3 Medium2024-02-14
CVE-2024-23952 Apache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104) — Apache Superset 6.5 Medium2024-02-14
CVE-2024-24814 Denial of service when manipulating mod_auth_openidc_session_chunks cookie in mod_auth_openidc — mod_auth_openidc 7.5 High2024-02-13
CVE-2024-21342 Windows DNS Client Denial of Service Vulnerability — Windows 11 version 22H2 7.5 High2024-02-13
CVE-2024-21386 .NET Denial of Service Vulnerability — ASP.NET Core 6.0 7.5 High2024-02-13
CVE-2024-24781 Hima: Uncontrolled Resource Consumption in multiple products — F30 03X YY (COM) 7.5 High2024-02-13
CVE-2024-1309 Resource Consumption Identified in NTP before 4.2.4p8 and 4.2.5 — Niagara Framework 6.5 Medium2024-02-13
CVE-2024-25112 Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2 — exiv2 5.5 Medium2024-02-12
CVE-2023-6681 Jwcrypto: denail of service via specifically crafted jwe — Red Hat Enterprise Linux 8 5.3 Medium2024-02-12
CVE-2023-41707 Open-Xchange App Suite 安全漏洞 — OX App Suite 6.5 Medium2024-02-12
CVE-2023-41706 Open-Xchange App Suite 安全漏洞 — OX App Suite 6.5 Medium2024-02-12
CVE-2023-41705 Open-Xchange App Suite 安全漏洞 — OX App Suite 6.5 Medium2024-02-12
CVE-2024-23323 Excessive CPU usage when URI template matcher is configured using regex in Envoy — envoy 4.3 Medium2024-02-09
CVE-2024-1402 Denial of service in mattermost mobile apps and server via emoji reactions — Mattermost 4.3 Medium2024-02-09
CVE-2024-0842 Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service — Backuply – Backup, Restore, Migrate and Clone 7.5 High2024-02-09
CVE-2023-32341 IBM Sterling B2B Integrator denial of service — Sterling B2B Integrator 6.5 Medium2024-02-09

Vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.