Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-770 (不加限制或调节的资源分配) — Vulnerability Class 795

795 vulnerabilities classified as CWE-770 (不加限制或调节的资源分配). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-68389 Kibana Allocation of Resources Without Limits or Throttling — Kibana 6.5 Medium2025-12-18
CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling — Elasticsearch 6.5 Medium2025-12-18
CVE-2025-68388 Elastic Packetbeat 安全漏洞 — Packetbeat 5.3 Medium2025-12-18
CVE-2025-14466 Güralp Systems Fortimus Series, Minimus Series, and Certimus Series have an Allocation of Resources Without Limits or Throttling vulnerability — Fortimus Series 5.3 Medium2025-12-16
CVE-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions — expr 7.5 High2025-12-16
CVE-2025-64702 quic-go HTTP/3 QPACK Header Expansion DoS — quic-go 5.3 Medium2025-12-11
CVE-2025-4097 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 6.5 Medium2025-12-11
CVE-2025-12562 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 7.5 High2025-12-11
CVE-2025-14157 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 6.5 Medium2025-12-11
CVE-2025-66473 XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis — xwiki-platform 7.5AIHighAI2025-12-10
CVE-2025-9368 432ES-IG3 Series A Denial-of-Service Vulnerability — 432ES-IG3 Series A 7.5AIHighAI2025-12-09
CVE-2025-41693 Authenticated Denial-of-Service via SSH — FL SWITCH 2005 4.3 Medium2025-12-09
CVE-2025-41694 Authenticated Denial-of-Service via Webshell — FL SWITCH 2005 6.5 Medium2025-12-09
CVE-2025-36140 IBM watsonx.data Denial of Service — watsonx.data 6.5 Medium2025-12-08
CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain — urllib3 7.5 -2025-12-05
CVE-2025-12385 Improper validation of <img> tag size in Text component parser — Qt 7.5AIHighAI2025-12-03
CVE-2025-13751 OpenVPN 安全漏洞 — OpenVPN 5.5AIMediumAI2025-12-03
CVE-2025-65113 ClipBucket v5 Unauthenticated Object Flagging Vulnerability — clipbucket-v5 6.5 Medium2025-11-29
CVE-2025-64334 Suricata is vulnerable to unbounded memory growth for decompression — suricata 7.5 High2025-11-26
CVE-2025-7449 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 6.5 Medium2025-11-26
CVE-2025-12571 Allocation of Resources Without Limits or Throttling in GitLab — GitLab 7.5 High2025-11-26
CVE-2025-65942 VictoriaMetrics Snappy Decoder DoS Vulnerability is Causing OOM — VictoriaMetrics 2.7 Low2025-11-25
CVE-2025-62426 vLLM vulnerable to DoS via large Chat Completion or Tokenization requests with specially crafted `chat_template_kwargs` — vllm 6.5 Medium2025-11-21
CVE-2025-11243 Allocation of Resources Without Limits or Throttling in Shelly Pro 4PM — Pro 4PM 7.5AIHighAI2025-11-19
CVE-2025-65015 joserfc has Possible Uncontrolled Resource Consumption Vulnerability Triggered by Logging Arbitrarily Large JWT Token Payloads — joserfc 7.5AIHighAI2025-11-18
CVE-2025-13165 Digiwin|EasyFlow GP - Denial of service — EasyFlow GP 7.5 High2025-11-17
CVE-2025-59089 Python-kdcproxy: remote dos via unbounded tcp upstream buffering — kdcproxy 5.9 Medium2025-11-12
CVE-2025-12748 Libvirt: denial of service in xml parsing 5.5 Medium2025-11-11
CVE-2025-64529 SpiceDB's WriteRelationships fails silently if payload is too big — spicedb 8.1 -2025-11-10
CVE-2025-64509 Bugsink vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU) — bugsink 7.5 High2025-11-10

Vulnerabilities classified as CWE-770 (不加限制或调节的资源分配) represent 795 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.