Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-400 (未加控制的资源消耗(资源穷尽)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-5870 Postgresql: role pg_signal_backend can signal certain superuser processes. — Red Hat Advanced Cluster Security 4.2 2.2 Low2023-12-10
CVE-2023-4486 Uncontrolled Resource Consumption in Metasys and Facility Explorer — Metasys NAE55/SNE/SNC 7.5 High2023-12-07
CVE-2023-35909 WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress 5.3 Medium2023-12-07
CVE-2023-6180 Resource exhaustion via memory leak in tokio-boring — tokio-boring 5.3 Medium2023-12-05
CVE-2023-39248 Dell OS10 Networking Switches 安全漏洞 — Dell Networking OS10 7.5 High2023-12-05
CVE-2023-49290 Malicious parameters can cause a denial of service in lestrrat-go/jwx — jwx 5.3 Medium2023-12-04
CVE-2023-47633 Uncontrolled Resource Consumption in Traefik — traefik 7.5 High2023-12-04
CVE-2023-40692 IBM Db2 denial of service — Db2 for Linux, UNIX and Windows 5.9 Medium2023-12-03
CVE-2023-5915 Yokogawa Electric 安全漏洞 — STARDOM 7.5 -2023-12-01
CVE-2023-48713 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler — serving 6.5 Medium2023-11-28
CVE-2023-48369 Log Flooding due to specially crafted requests in different endpoints — Mattermost 4.3 Medium2023-11-27
CVE-2023-40703 Denial of Service via specially crafted block fields in Mattermost Boards — Mattermost 4.3 Medium2023-11-27
CVE-2023-48268 Denial of Service via Board Import Zip Bomb — Mattermost 4.3 Medium2023-11-27
CVE-2023-6277 Libtiff: out-of-memory in tiffopen via a craft file — Red Hat Enterprise Linux 6 6.5 Medium2023-11-24
CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability — ASP.NET Core 8.0 8.2 High2023-11-14
CVE-2023-44321 Siemens SCALANCE 多款产品安全漏洞 — RUGGEDCOM RM1224 LTE(4G) EU 2.7 Low2023-11-14
CVE-2023-42813 Denial of service from malicious manifest in kyverno — kyverno 6.1 Medium2023-11-13
CVE-2023-5759 Unauthenticated Remote Denial-of-Service via Buffer in Helix Core — Helix Core 7.5 High2023-11-08
CVE-2023-45319 Unauthenticated Remote Denial-of-Service (Commit) in Helix Core — Helix Core 7.5 High2023-11-08
CVE-2023-35767 Unauthenticated Remote Denial-of-Service via Shutdown Function in Helix Core — Helix Core 7.5 High2023-11-08
CVE-2023-46737 Possible endless data attack from attacker-controlled registry in cosign — cosign 3.1 Low2023-11-07
CVE-2023-5969 Denial of Service via Link Preview in /api/v4/redirect_location — Mattermost 5.3 Medium2023-11-06
CVE-2023-41378 Calico Typha hangs during unclean TLS handshake — Typha 7.5 High2023-11-06
CVE-2023-42669 Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc 6.5 Medium2023-11-06
CVE-2023-42670 Samba: ad dc busy rpc multiple listener dos 6.5 Medium2023-11-03
CVE-2023-29046 Open-Xchange App Suite 资源管理错误漏洞 — OX App Suite 4.3 Medium2023-11-02
CVE-2023-5876 Regex DoS from a malicious server enrolled in Desktop — Mattermost Desktop 3.1 Low2023-11-02
CVE-2023-31418 Elasticsearch uncontrolled resource consumption — Elasticsearch 7.5 High2023-10-26
CVE-2023-39219 Admin Console Denial of Service via Java class enumeration — PingFederate 7.5 High2023-10-25
CVE-2023-46118 Denial of Service by publishing large messages over the HTTP API — rabbitmq-server 4.9 Medium2023-10-24

Vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.