CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-3825 | PTC Kepware KEPServerEX buffer error vulnerability — KEPServerEX | 7.5 | High | 2023-07-31 |
| CVE-2023-38498 | Discourse vulnerable to DoS via defer queue — discourse | 4.3 | Medium | 2023-07-28 |
| CVE-2023-37900 | Crossplane vulnerable to denial of service from large image — crossplane | 3.4 | Low | 2023-07-27 |
| CVE-2023-3637 | Openstack-neutron: unrestricted creation of security groups (fix for cve-2022-3277) — Red Hat OpenStack Platform 16.2 | 4.3 | Medium | 2023-07-25 |
| CVE-2023-38200 | Keylime: registrar is subject to a dos against ssl connections — Red Hat Enterprise Linux 9 | 7.5 | High | 2023-07-24 |
| CVE-2023-3782 | DoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP response | 5.9 | Medium | 2023-07-19 |
| CVE-2023-37480 | Fides Webserver Vulnerable to Zip Bomb File Uploads — fides | 2.7 | Low | 2023-07-18 |
| CVE-2023-37481 | Fides Webserver Vulnerable to SVG Bomb File Uploads — fides | 2.7 | Low | 2023-07-18 |
| CVE-2023-2263 | Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A – CIP Message Attack Could Cause Denial-Of-Service — Kinetix 5700 DC Bus Power Supply Series A | 7.5 | High | 2023-07-18 |
| CVE-2023-37475 | Attacker-controlled parameter can cause denial of service in hamba avro — avro | 7.5 | High | 2023-07-17 |
| CVE-2023-3593 | Server crash via a specially crafted markdown input — Mattermost | 4.3 | Medium | 2023-07-17 |
| CVE-2023-3614 | Denial of Service via specially crafted gif image — Mattermost | 4.3 | Medium | 2023-07-17 |
| CVE-2023-3585 | channel DoS by sharing a boards link — Mattermost | 4.3 | Medium | 2023-07-17 |
| CVE-2022-4952 | OmniSharp csharp-language-server-protocol JSON Serializer SerializerBase.cs CreateSerializerSettings resource consumption — csharp-language-server-protocol | 3.5 | Low | 2023-07-17 |
| CVE-2023-36818 | Denial of service via User Custom Sidebar Section Unlimited Link Creation in discourse — discourse | 6.5 | Medium | 2023-07-14 |
| CVE-2023-35945 | Envoy vulnerable to HTTP/2 memory leak in nghttp2 codec — envoy | 7.5 | High | 2023-07-13 |
| CVE-2023-37463 | Quadratic complexity bugs may lead to a denial of service — cmark-gfm | 6.4 | Medium | 2023-07-13 |
| CVE-2023-34458 | mx-chain-go's relayed transactions always increment nonce — mx-chain-go | 7.1 | High | 2023-07-13 |
| CVE-2023-26597 | Controller DOS on sending error response — C300 | 7.5 | High | 2023-07-13 |
| CVE-2023-29449 | Limited control of resource utilization in JS preprocessing — Zabbix | 5.9 | Medium | 2023-07-13 |
| CVE-2023-35298 | HTTP.sys Denial of Service Vulnerability — Windows Server 2022 | 7.5 | High | 2023-07-11 |
| CVE-2023-35339 | Windows CryptoAPI Denial of Service Vulnerability — Windows 10 Version 1809 | 7.5 | High | 2023-07-11 |
| CVE-2023-35329 | Windows Authentication Denial of Service Vulnerability — Windows 10 Version 1809 | 6.5 | Medium | 2023-07-11 |
| CVE-2023-35921 | Siemens SIMATIC security vulnerability — SIMATIC MV540 H | 7.5 | High | 2023-07-11 |
| CVE-2023-35920 | Siemens SIMATIC multiple products security vulnerability — SIMATIC MV540 H | 7.5 | High | 2023-07-11 |
| CVE-2023-1206 | Linux kernel resource management error vulnerability — Kernel | 5.7 | - | 2023-06-30 |
| CVE-2023-3398 | Denial of Service in jgraph/drawio — jgraph/drawio | 6.5 | - | 2023-06-26 |
| CVE-2023-35925 | FastAsyncWorldEdit vulnerable to Uncontrolled Resource Consumption — FastAsyncWorldEdit | 6.2 | Medium | 2023-06-23 |
| CVE-2023-33141 | Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability — YARP 1.0 | 7.5 | High | 2023-06-23 |
| CVE-2023-34462 | netty-handler SniHandler 16MB allocation — netty | 6.5 | Medium | 2023-06-22 |

Vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.