CWE-770 (Allocation of Resources Without Limits or Throttling) — Vulnerability Class 795

795 vulnerabilities classified as CWE-770 (Allocation of Resources Without Limits or Throttling). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-25171 | Kiwi TCMS has denial of service vulnerability on Password reset page — kiwi | 7.5 | High | 2023-02-15 |
| CVE-2023-25577 | Werkzeug may allow high resource usage when parsing multipart form data with many fields — werkzeug | 7.5 | High | 2023-02-14 |
| CVE-2023-25576 | @fastify/multipart vulnerable to DoS due to unlimited number of parts — fastify-multipart | 7.5 | High | 2023-02-14 |
| CVE-2023-22323 | BIG-IP SSL OCSP Authentication profile vulnerability — BIG-IP | 7.5 | High | 2023-02-01 |
| CVE-2023-23846 | Open5GS security vulnerability — Open5GS | 7.5 | - | 2023-02-01 |
| CVE-2023-22740 | Discourse vulnerable to Allocation of Resources Without Limits via Chat drafts — discourse | 4.3 | Medium | 2023-01-27 |
| CVE-2023-22739 | Discourse subject to Allocation of Resources Without Limits or Throttling — discourse | 6.5 | Medium | 2023-01-26 |
| CVE-2023-22397 | Junos OS Evolved: PTX10003: An attacker sending specific genuine packets will cause a memory leak in the PFE leading to a Denial of Service — Junos OS Evolved | 6.1 | Medium | 2023-01-12 |
| CVE-2023-22403 | Junos OS: QFX10K Series: An ICCP flap will be observed due to excessive specific traffic — Junos OS | 7.5 | High | 2023-01-12 |
| CVE-2022-4723 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-12-23 |
| CVE-2022-41288 | Security vulnerability in some Siemens products — JT2Go | 3.3 | Low | 2022-12-13 |
| CVE-2022-46159 | Any authenticated Discourse user can create an unlisted topic — discourse | 4.3 | Medium | 2022-12-02 |
| CVE-2022-4045 | Authenticated user could send multiple requests containing a parameter which could fetch a large amount of data and can crash a Mattermost server — Mattermost | 3.1 | Low | 2022-11-23 |
| CVE-2022-4044 | Authenticated user could send multiple requests containing a large Auto Responder Message payload and can crash a Mattermost server — Mattermost | 4.3 | Medium | 2022-11-23 |
| CVE-2022-4019 | Authenticated user could send multiple requests containing a large payload to a Playbooks API and can crash a Mattermost server — Playbooks Plugin | 4.3 | Medium | 2022-11-23 |
| CVE-2022-45471 | JetBrains Hub security vulnerability — Hub | 3.5 | Low | 2022-11-18 |
| CVE-2022-3480 | Denial-of-Service vulnerability in PHOENIX CONTACT mGuard product family — FL MGUARD CENTERPORT | 7.5 | High | 2022-11-15 |
| CVE-2022-20950 | Cisco Firepower Threat Defense code issue vulnerability — Cisco Firepower Threat Defense Software | 5.8 | Medium | 2022-11-10 |
| CVE-2021-34568 | WAGO I/O-Check Service prone to Allocation of Resources Without Limits or Throttling — 750-81xx/xxx-xxxFW | 7.5 | High | 2022-11-09 |
| CVE-2022-34439 | Dell PowerScale OneFS security vulnerability — PowerScale OneFS | 5.3 | Medium | 2022-10-21 |
| CVE-2022-3439 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-10-14 |
| CVE-2022-3456 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-10-13 |
| CVE-2022-3423 | Allocation of Resources Without Limits or Throttling in nocodb/nocodb — nocodb/nocodb | 7.3 | High | 2022-10-07 |
| CVE-2022-3273 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-10-06 |
| CVE-2022-3371 | No limit in length of "Token name" parameter results in DOS attack /memory corruption in ikus060/rdiffweb prior to 2.5.0a3 in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-09-30 |
| CVE-2022-3364 | No limit in length of "Fullname" parameter results in DOS attack /memory corruption in ikus060/rdiffweb prior to 2.5.0a3 in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-09-29 |
| CVE-2022-39226 | Discourse user profile location and website fields were not sufficiently length-limited — discourse | 4.3 | Medium | 2022-09-29 |
| CVE-2022-3298 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-09-26 |
| CVE-2022-3295 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb — ikus060/rdiffweb | 9.1 | - | 2022-09-26 |
| CVE-2022-3212 | DoS in axum-core due to missing request size limit — axum-core | 7.5 | High | 2022-09-14 |

Vulnerabilities classified as CWE-770 (Allocation of Resources Without Limits or Throttling) represent 795 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.