Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-400 (未加控制的资源消耗(资源穷尽)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-40802 Siemens RUGGEDCOM RST2428P 资源管理错误漏洞 — RUGGEDCOM RST2428P 3.1 Low2025-09-09
CVE-2025-58369 fs2: Half-shutdown of socket during TLS handshake may result in spin loop on opposite side — fs2 5.3 Medium2025-09-05
CVE-2025-43772 Liferay Portal和Liferay DXP 资源管理错误漏洞 — Portal 9.1AICriticalAI2025-09-04
CVE-2025-58157 gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm — gnark 7.5 High2025-08-29
CVE-2025-29898 Qsync Central — Qsync Central 7.5 -2025-08-29
CVE-2025-9341 Garbage collection can delay for AES CBC Native support, resulting in heap exhaustion — Bouncy Castle for Java FIPS 7.5AIHighAI2025-08-22
CVE-2025-57751 Denial-of-Service attack in pyLoad CNL Blueprint using dukpy.evaljs — pyload 6.5AIMediumAI2025-08-21
CVE-2025-48956 vLLM API endpoints vulnerable to Denial of Service Attacks — vllm 7.5 High2025-08-21
CVE-2025-5115 MadeYouReset HTTP/2 vulnerability — Eclipse Jetty 7.5AIHighAI2025-08-20
CVE-2025-8449 Schneider Electric多款产品 资源管理错误漏洞 — EcoStruxure Building Operation Enterprise Server 6.5AIMediumAI2025-08-20
CVE-2025-9092 Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion — Bouncy Castle for Java - BC-FJA 2.1.0 7.5AIHighAI2025-08-16
CVE-2025-54472 Apache bRPC: Redis Parser Remote Denial of Service — Apache bRPC 7.5AIHighAI2025-08-14
CVE-2025-55197 pypdf's Manipulated FlateDecode streams can exhaust RAM — pypdf 6.5AIMediumAI2025-08-13
CVE-2025-53722 Windows Remote Desktop Services Denial of Service Vulnerability — Windows 10 Version 1507 7.5 High2025-08-12
CVE-2025-40766 Siemens SINEC Traffic Analyzer 资源管理错误漏洞 — SINEC Traffic Analyzer 5.5 Medium2025-08-12
CVE-2025-55152 oak: ReDoS in x-forwarded-proto and x-forwarded-for headers — oak 5.3 Medium2025-08-09
CVE-2025-54884 Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability — Vision-ui 7.5AIHighAI2025-08-05
CVE-2025-54796 Copyparty is vulnerable to Regex Denial of Service (ReDoS) attacks through "Recent Uploads" page — copyparty 7.5 High2025-08-01
CVE-2025-53012 MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion — MaterialX 7.5 -2025-08-01
CVE-2025-54575 ImageSharp Triggers an Infinite Loop in its GIF Decoder When Skipping Malformed Comment Extension Blocks — ImageSharp 5.3 Medium2025-07-30
CVE-2025-54572 Ruby SAML DOS vulnerability with large SAML response — ruby-saml 7.5AIHighAI2025-07-30
CVE-2025-41677 Resource Exhaustion via POST Requests to send-mail Action — mbNET.mini 4.9 Medium2025-07-21
CVE-2025-41676 Resource Exhaustion via POST Requests to send-sms Action — mbNET.mini 4.9 Medium2025-07-21
CVE-2025-50057 Extension - rsjoomla.com - DOS vulnerability RSFiles! component 1.16.3-1.17.7 for Joomla — RSFiles! component for Joomla 7.5 -2025-07-18
CVE-2025-53893 File Browser Vulnerable to Uncontrolled Memory Consumption Due to Oversized File Processing — filebrowser 6.5AIMediumAI2025-07-15
CVE-2025-48795 Apache CXF: Denial of Service and sensitive data exposure in logs — Apache CXF 5.5 -2025-07-15
CVE-2025-53636 Open OnDemand Shell App closed websocket DoS — ondemand 5.4 Medium2025-07-11
CVE-2025-53506 Apache Tomcat: DoS via excessive h2 streams at connection start — Apache Tomcat 7.5 -2025-07-10
CVE-2025-53371 DiscordNotifications allows DOS, SSRF, and possible RCE through requests to user-controlled URLs — DiscordNotifications 9.1 Critical2025-07-10
CVE-2025-49722 Windows Print Spooler Denial of Service Vulnerability — Windows 10 Version 1507 5.7 Medium2025-07-08

Vulnerabilities classified as CWE-400 (未加控制的资源消耗(资源穷尽)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.