
CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) — Vulnerability Class 1385

1385 vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5342 | Denial of Service (DoS) — ManageEngine Exchange Reporter Plus | 4.3 | Medium | 2025-10-30 |
| CVE-2025-10932 | AS2 module allows uncontrolled file uploads — MOVEit Transfer | 8.2 | High | 2025-10-29 |
| CVE-2025-62260 | Liferay Portal and Liferay DXP resource management error vulnerability — Portal | 7.5 (AI) | High (AI) | 2025-10-27 |
| CVE-2025-12194 | Bouncy Castle Java security vulnerability — Bouncy Castle for Java FIPS | 7.5 | - | 2025-10-24 |
| CVE-2025-62706 | Authlib : JWE zip=DEF decompression bomb enables DoS — authlib | 6.5 | Medium | 2025-10-22 |
| CVE-2025-59043 | OpenBao vulnerable to denial of service via malicious JSON request processing — openbao | 7.5 | High | 2025-10-17 |
| CVE-2025-33177 | NVIDIA Jetson Linux and NVIDIA IGX OS resource management error vulnerability — Jetson Orin Series | 5.5 | Medium | 2025-10-14 |
| CVE-2025-59502 | Remote Procedure Call Denial of Service Vulnerability — Windows 10 Version 1809 | 7.5 | High | 2025-10-14 |
| CVE-2025-11635 | Tomofun Furbo 360 File Upload resource consumption — Furbo 360 | 4.3 | Medium | 2025-10-12 |
| CVE-2025-61919 | Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing — rack | 7.5 | High | 2025-10-10 |
| CVE-2025-59975 | Junos Space: Flooding device with inbound API calls leads to WebUI and CLI management access DoS — Junos Space | 7.5 | High | 2025-10-09 |
| CVE-2025-52961 | Junos OS Evolved: PTX Series except PTX10003: An unauthenticated adjacent attacker sending specific valid traffic can cause a memory leak in cfmman leading to FPC crash and restart — Junos OS Evolved | 6.5 | Medium | 2025-10-09 |
| CVE-2025-61772 | Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion) — rack | 7.5 | High | 2025-10-07 |
| CVE-2025-61771 | Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion) — rack | 7.5 | High | 2025-10-07 |
| CVE-2025-61770 | Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) — rack | 7.5 | High | 2025-10-07 |
| CVE-2025-52867 | Qsync Central — Qsync Central | 7.5 | - | 2025-10-03 |
| CVE-2025-61600 | Unbounded Memory Allocation in Stalwart IMAP parser — stalwart | 7.5 | High | 2025-10-02 |
| CVE-2025-61595 | MANTRA tx gas limit is not enforced in send hooks — mantrachain | 5.3 (AI) | Medium (AI) | 2025-10-02 |
| CVE-2025-20370 | Denial of Service (DoS) through Multiple LDAP Bind Requests in Splunk Enterprise — Splunk Enterprise | 4.9 | Medium | 2025-10-01 |
| CVE-2025-11149 | node-static security vulnerability — node-static | 7.5 | High | 2025-09-30 |
| CVE-2025-59830 | Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters — rack | 7.5 | High | 2025-09-25 |
| CVE-2025-6921 | Regular Expression Denial of Service (ReDoS) in huggingface/transformers — huggingface/transformers | 7.5 | - | 2025-09-23 |
| CVE-2025-4444 | Tor Onion Service Descriptor resource consumption — Tor | 3.7 | Low | 2025-09-18 |
| CVE-2025-58767 | REXML has a DoS condition when parsing malformed XML file — rexml | 7.5 (AI) | High (AI) | 2025-09-17 |
| CVE-2025-35432 | CISA Thorium does not rate limit account verification email messages — Thorium | 5.3 | Medium | 2025-09-17 |
| CVE-2025-43796 | Liferay Portal and Liferay DXP resource management error vulnerability — Portal | 7.5 | - | 2025-09-12 |
| CVE-2025-59139 | Hono has Body Limit Middleware Bypass — hono | 5.3 | Medium | 2025-09-12 |
| CVE-2025-48040 | Malicious Key Exchange Messages may Lead to Excessive Resource Consumption — OTP | 7.5 (AI) | High (AI) | 2025-09-11 |
| CVE-2025-20340 | Cisco IOS XR Address Resolution Protocol Broadcast Storm Vulnerability — Cisco IOS XR Software | 7.4 | High | 2025-09-10 |
| CVE-2025-49460 | Zoom Workplace Clients - Argument Injection — Zoom Workplace Clients | 4.3 | Medium | 2025-09-09 |

Vulnerabilities classified as CWE-400 (Uncontrolled Resource Consumption (Resource Exhaustion)) represent 1385 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.