Filtered by CWE-770
Filtered by vendor Subscriptions
Total 1086 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-47969 2024-12-11 6.2 Medium
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVE-2024-47967 2024-12-11 4.4 Medium
Improper resource initialization handling in firmware of some Solidigm DC Products may allow an attacker to potentially enable denial of service.
CVE-2024-43567 1 Microsoft 5 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 2 more 2024-12-10 7.5 High
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-22164 1 Splunk 1 Enterprise Security 2024-12-10 4.3 Medium
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.
CVE-2024-36462 1 Zabbix 1 Zabbix 2024-12-10 7.5 High
Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system.
CVE-2020-28400 2 Seimens, Siemens 188 Scalance M812-1 Adsl-router Annex A, Scalance M812-1 Adsl-router Annex B, Development Evaluation Kits For Profinet Io Dk Standard Ethernet Controller and 185 more 2024-12-10 7.5 High
Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vulnerability can be triggered if a large amount of DCP reset packets are sent to the device.
CVE-2022-1337 1 Mattermost 1 Mattermost Server 2024-12-07 4.3 Medium
The image proxy component in Mattermost version 6.4.1 and earlier allocates memory for multiple copies of a proxied image, which allows an authenticated attacker to crash the server via links to very large image files.
CVE-2022-1333 1 Mattermost 1 Playbooks 2024-12-07 3.5 Low
Mattermost Playbooks plugin v1.24.0 and earlier fails to properly check the limit on the number of webhooks, which allows authenticated and authorized users to create a specifically drafted Playbook which could trigger a large amount of webhook requests leading to Denial of Service.
CVE-2022-2406 1 Mattermost 1 Mattermost 2024-12-07 4.3 Medium
The legacy Slack import feature in Mattermost version 6.7.0 and earlier fails to properly limit the sizes of imported files, which allows an authenticated attacker to crash the server by importing large files via the Slack import REST API.
CVE-2022-3147 1 Mattermost 1 Mattermost Server 2024-12-07 3.1 Low
Mattermost version 7.0.x and earlier fails to sufficiently limit the in-memory sizes of concurrently uploaded JPEG images, which allows authenticated users to cause resource exhaustion on specific system configurations, resulting in server-side Denial of Service.
CVE-2022-4019 1 Mattermost 1 Mattermost 2024-12-07 4.3 Medium
A denial-of-service vulnerability in the Mattermost Playbooks plugin allows an authenticated user to crash the server via multiple large requests to one of the Playbooks API endpoints.
CVE-2022-4044 1 Mattermost 1 Mattermost 2024-12-07 4.3 Medium
A denial-of-service vulnerability in Mattermost allows an authenticated user to crash the server via multiple large autoresponder messages.
CVE-2022-4045 1 Mattermost 1 Mattermost 2024-12-07 3.1 Low
A denial-of-service vulnerability in the Mattermost allows an authenticated user to crash the server via multiple requests to one of the API endpoints which could fetch a large amount of data. 
CVE-2023-47717 1 Ibm 1 Security Guardium 2024-12-07 4.4 Medium
IBM Security Guardium 12.0 could allow a privileged user to perform unauthorized actions that could lead to a denial of service. IBM X-Force ID: 271690.
CVE-2023-36371 1 Monetdb 1 Monetdb 2024-12-06 7.5 High
An issue in the GDKfree component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-36370 1 Monetdb 1 Monetdb 2024-12-06 7.5 High
An issue in the gc_col component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-12254 2 Python Software Foundation, Redhat 3 Cpython, Enterprise Linux, Rhel Eus 2024-12-06 7.5 High
Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reached the "high-water mark". Because of this, Protocols would not periodically drain the write buffer potentially leading to memory exhaustion. This vulnerability likely impacts a small number of users, you must be using Python 3.12.0 or later, on macOS or Linux, using the asyncio module with protocols, and using .writelines() method which had new zero-copy-on-write behavior in Python 3.12.0 and later. If not all of these factors are true then your usage of Python is unaffected.
CVE-2023-36369 1 Monetdb 1 Monetdb 2024-12-06 7.5 High
An issue in the list_append component of MonetDB Server v11.45.17 and v11.46.0 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-2828 5 Debian, Fedoraproject, Isc and 2 more 19 Debian Linux, Fedora, Bind and 16 more 2024-12-06 7.5 High
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
CVE-2024-53907 2 Djangoproject, Redhat 2 Django, Ansible Automation Platform 2024-12-06 7.5 High
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.