Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-770 (不加限制或调节的资源分配) — Vulnerability Class 796

796 vulnerabilities classified as CWE-770 (不加限制或调节的资源分配). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-22819 Uncontrolled resource consumption vulnerability in Western Digital My Cloud, My Cloud Home and SanDisk ibi products — My Cloud OS 5 4.9 Medium2024-02-05
CVE-2024-23826 Uploading an image with a specific filename causes a server-side DoS — spbu_se_site 6.8 Medium2024-01-29
CVE-2024-23820 OpenFGA DoS — openfga 5.3 Medium2024-01-26
CVE-2024-21604 Junos OS Evolved: A high rate of specific traffic will cause a complete system outage — Junos OS Evolved 7.5 High2024-01-12
CVE-2023-37934 Fortinet FortiPAM 安全漏洞 — FortiPAM 4.2 Medium2024-01-10
CVE-2023-6476 Cri-o: pods are able to break out of resource confinement on cgroupv2 — Red Hat OpenShift Container Platform 4.13 6.5 Medium2024-01-09
CVE-2024-21634 Ion Java StackOverflow vulnerability — ion-java 7.5 High2024-01-03
CVE-2023-46738 Authenticated users can crash the CubeFS servers with maliciously crafted requests — cubefs 6.5 Medium2024-01-03
CVE-2023-6910 Uncontrolled Resource Consumption in M-Files Server — M-Files Server 6.5 Medium2023-12-20
CVE-2023-6563 Keycloak: offline session token dos — Red Hat Single Sign-On 7.6 for RHEL 7 7.7 High2023-12-14
CVE-2023-5379 Undertow: ajp request closes connection exceeding maxrequestsize — Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 7.5 High2023-12-12
CVE-2023-50247 h2o QUIC state exhaustion DoS — h2o 3.7 Low2023-12-12
CVE-2023-6337 Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests — Vault 7.5 High2023-12-08
CVE-2023-4912 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 2.6 Low2023-12-01
CVE-2023-34389 Allocation of resources without limits could lead to denial of service — SEL-451 4.5 Medium2023-11-30
CVE-2023-42504 Apache Superset: Lack of rate limiting allows for possible denial of service — Apache Superset 5.8 Medium2023-11-28
CVE-2023-6117 M-Files REST API allows Denial of Service — M-Files Server 5.7 Medium2023-11-22
CVE-2023-47108 DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics — opentelemetry-go-contrib 7.5 High2023-11-10
CVE-2023-47120 Discourse DoS through Onebox favicon URL — discourse 7.5 High2023-11-10
CVE-2023-46130 Bypassing height value allowed in some theme components — discourse 4.3 Medium2023-11-10
CVE-2023-5963 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 3.1 Low2023-11-06
CVE-2023-3246 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 4.3 Medium2023-11-06
CVE-2023-20155 Cisco Firepower Management Center 安全漏洞 — Cisco Firepower Management Center 7.5 High2023-11-01
CVE-2023-5625 Python-eventlet: patch regression for cve-2021-21419 in some red hat builds — Ironic content for Red Hat OpenShift Container Platform 4.12 5.3 Medium2023-11-01
CVE-2023-45130 Frontier opcode SUICIDE touches too many storage values on large contracts — frontier 7.5 High2023-10-13
CVE-2023-5573 Allocation of Resources Without Limits or Throttling in vriteio/vrite — vriteio/vrite 6.5 -2023-10-13
CVE-2023-44191 Junos OS: QFX5000 Series and EX4000 Series: Denial of Service (DoS) on a large scale VLAN due to PFE hogging — Junos OS 7.5 High2023-10-12
CVE-2023-45142 OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics — opentelemetry-go-contrib 7.5 High2023-10-12
CVE-2023-5072 DoS Vulnerability in JSON-Java — n/a 7.5 High2023-10-12
CVE-2023-45129 matrix-synapse vulnerable to denial of service due to malicious server ACL events — synapse 4.9 Medium2023-10-10

Vulnerabilities classified as CWE-770 (不加限制或调节的资源分配) represent 796 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.