CWE-770 (Allocation of Resources Without Limits or Throttling) — Vulnerability Class 795

795 vulnerabilities classified as CWE-770 (Allocation of Resources Without Limits or Throttling). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28478 | OpenClaw < 2026.2.13 - Denial of Service via Unbounded Webhook Request Body Buffering — OpenClaw | 7.5 | High | 2026-03-05 |
| CVE-2026-28452 | OpenClaw < 2026.2.14 - Denial of Service via Unguarded Archive Extraction in extractArchive — OpenClaw | 5.5 | Medium | 2026-03-05 |
| CVE-2026-28394 | OpenClaw < 2026.2.15 - Denial of Service via Unbounded Response Parsing in web_fetch Tool — OpenClaw | 6.5 | Medium | 2026-03-05 |
| CVE-2026-28342 | OliveTin: Unauthenticated Denial of Service via Memory Exhaustion in PasswordHash API Endpoint — OliveTin | 7.5 | High | 2026-03-05 |
| CVE-2026-26998 | Traefik: unbounded io.ReadAll on auth server response body causes OOM denial of service(DOS) — traefik | 4.4 | Medium | 2026-03-05 |
| CVE-2026-20103 | Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense security vulnerability — Cisco Secure Firewall Adaptive Security Appliance (ASA) Software | 8.6 | High | 2026-03-04 |
| CVE-2026-27932 | joserfc PBES2 p2c Unbounded Iteration Count enables Denial of Service (DoS) — joserfc | 7.5 | High | 2026-03-03 |
| CVE-2026-27601 | Underscore.js has unlimited recursion in _.flatten and _.isEqual, potential for DoS attack — underscore | 7.5 (AI) | High (AI) | 2026-03-03 |
| CVE-2026-27887 | Spin has memory leaks in various WIT interfaces — spin | 8.6 (AI) | High (AI) | 2026-02-26 |
| CVE-2026-1662 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | 7.5 | High | 2026-02-25 |
| CVE-2026-1725 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | 5.3 | Medium | 2026-02-25 |
| CVE-2026-2845 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | 6.5 | Medium | 2026-02-25 |
| CVE-2025-3525 | Allocation of Resources Without Limits or Throttling in GitLab — GitLab | 6.5 | Medium | 2026-02-25 |
| CVE-2026-27695 | zae-limiter: DynamoDB hot partition throttling enables per-entity Denial of Service — zae-limiter | 4.3 | Medium | 2026-02-25 |
| CVE-2026-27572 | Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance — wasmtime | 7.5 | - | 2026-02-24 |
| CVE-2026-25985 | Memory allocation with excessive without limits in the internal SVG decoder — ImageMagick | 7.5 | High | 2026-02-24 |
| CVE-2026-27729 | Astro has memory exhaustion DoS due to missing request body size limit in Server Actions — astro | 5.9 | Medium | 2026-02-24 |
| CVE-2026-27026 | pypdf possibly has long runtimes for malformed FlateDecode streams — pypdf | 6.5 (AI) | Medium (AI) | 2026-02-20 |
| CVE-2026-26313 | Go Ethereum affected by DoS via malicious p2p message — go-ethereum | 7.5 | - | 2026-02-19 |
| CVE-2026-26312 | Stalwart Mail Server has Out-of-Memory Denial of Service via Malformed Nested MIME Messages — stalwart | 6.5 | Medium | 2026-02-19 |
| CVE-2019-25350 | XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service — XMedia Recode | 7.5 | High | 2026-02-18 |
| CVE-2025-14876 | Qemu-kvm: unbounded allocation in virtio-crypto | 5.5 | Medium | 2026-02-18 |
| CVE-2019-25342 | Centova Cast 3.2.12 - Denial of Service — Centova Cast | 7.5 | High | 2026-02-12 |
| CVE-2026-26076 | ntpd-rs affected by excessive CPU load from malformed packets — ntpd-rs | 5.3 (AI) | Medium (AI) | 2026-02-12 |
| CVE-2026-21434 | webtransport-go affected by Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION Capsule — webtransport-go | 5.3 | Medium | 2026-02-12 |
| CVE-2025-54155 | File Station 5 — File Station 5 | 6.8 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2025-54161 | File Station 5 — File Station 5 | 6.8 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2025-57708 | Qsync Central — Qsync Central | 5.8 (AI) | Medium (AI) | 2026-02-11 |
| CVE-2025-57710 | Qsync Central — Qsync Central | 8.6 (AI) | High (AI) | 2026-02-11 |
| CVE-2025-57711 | Qsync Central — Qsync Central | 8.6 (AI) | High (AI) | 2026-02-11 |

Vulnerabilities classified as CWE-770 (Allocation of Resources Without Limits or Throttling) represent 795 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.