CWE-400: Resource Exhaustion
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, leading to exhaustion.
All Resource Exhaustion CVEs (701)
Open OnDemand users can flood system logs by generating repeated errors through the shell app, creating excessively large log files that consume disk ...
Jul 11, 2025
This vulnerability allows an attacker to cause denial of service in webtransport-go implementations by preventing WebTransport session closure. Attack...
Feb 12, 2026
This vulnerability allows malicious websites to track users through Safari web extensions due to improper state management. It affects users of Apple'...
Feb 11, 2026
The SimpleDirectoryReader component in llama_index.core versions before 0.12.41 has a memory management flaw where it loads all files from a directory...
Feb 2, 2026
This vulnerability in Cisco IEC6400 Wireless Backhaul Edge Compute Software allows unauthenticated remote attackers to cause a denial of service (DoS)...
Jan 21, 2026
This vulnerability in birkir prime's GraphQL Alias Handler allows remote attackers to cause resource consumption (denial of service) through manipulat...
Jan 19, 2026
CVE-2025-15532 is a resource consumption vulnerability in Open5GS's Timer Handler component that allows remote attackers to cause denial of service th...
Jan 17, 2026
This vulnerability in BLUVOYIX allows unauthenticated attackers to send spam emails using the company's email sending API. Any organization using the ...
Jan 14, 2026
This vulnerability in pypdf allows attackers to craft malicious PDF files that cause excessive processing time when parsing malformed startxref entrie...
Jan 10, 2026
This vulnerability in pypdf allows attackers to craft malicious PDF files that cause excessive processing time when parsed in non-strict mode. The att...
Jan 10, 2026
An uncontrolled resource consumption vulnerability in Zyxel DX3301-T0 firmware allows attackers to perform Slowloris-style DoS attacks. This can tempo...
Nov 18, 2025
CVE-2025-35432 is an uncontrolled resource consumption vulnerability in CISA Thorium where unauthenticated attackers can send unlimited account verifi...
Sep 17, 2025
This CVE describes a denial-of-service vulnerability in fs2, a Scala streaming I/O library, where TLS sessions can be exploited to cause CPU spin loop...
Sep 5, 2025
This vulnerability allows attackers to cause denial of service by sending specially crafted x-forwarded-proto or x-forwarded-for headers to oak server...
Aug 9, 2025
A denial-of-service vulnerability in ImageSharp GIF decoder allows specially crafted GIF files with malformed comment extension blocks to cause infini...
Jul 30, 2025
This vulnerability in MarkText allows remote attackers to cause denial of service through inefficient regular expression complexity in the getRecommen...
Jun 22, 2025
Dell PowerScale InsightIQ version 5.2 has an uncontrolled resource consumption vulnerability that allows unauthenticated remote attackers to cause den...
May 15, 2025
This vulnerability in OneBlog up to version 2.3.9 allows remote attackers to cause denial of service through inefficient regular expression complexity...
Mar 27, 2025
This vulnerability allows unauthenticated remote attackers to cause a temporary denial of service in the ICMP service of affected Siemens devices by s...
Feb 11, 2025
The Minify HTML WordPress plugin has a Regular Expression Denial of Service (ReDoS) vulnerability that allows unauthenticated attackers to submit spec...
Dec 13, 2024
Spring MVC applications with @RequestBody byte[] parameters are vulnerable to denial-of-service attacks where attackers can send specially crafted req...
Nov 18, 2024
The LevelOne WBR-6012 router with firmware R0.40e6 has an improper resource allocation vulnerability in its web application. Attackers can send crafte...
Oct 30, 2024
An unauthenticated remote attacker can send crafted SSH messages to Cisco ASA devices to exhaust SSH resources, causing a denial of service for new SS...
Oct 23, 2024
This vulnerability in Jetty's DosFilter allows unauthenticated attackers to send crafted requests that trigger OutOfMemory errors, leading to denial-o...
Oct 14, 2024
CVE-2024-8454 is a denial-of-service vulnerability in the swctrl service used by certain PLANET Technology switch models. Unauthenticated remote attac...
Sep 30, 2024
This vulnerability allows attackers to cause denial-of-service (DoS) by sending maliciously crafted ETags in 'If-Match' or 'If-None-Match' HTTP reques...
Sep 27, 2024
CVE-2024-43380 is a denial-of-service vulnerability in fugit's natural language time parser. The parser accepts arbitrarily long input strings without...
Aug 19, 2024
Multiple unauthenticated Denial-of-Service vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Attackers can exploit these vul...
Aug 6, 2024
CVE-2024-41946 is a denial-of-service vulnerability in REXML, Ruby's XML toolkit, where parsing XML with many entity expansions via SAX2 or pull parse...
Aug 1, 2024
This vulnerability in the Windows iSCSI service allows attackers to cause a denial of service (DoS) by sending specially crafted packets to affected s...
Jul 9, 2024
This CVE describes an amplification/reflection vulnerability in SoftEtherVPN when L2TP is enabled. Attackers can spoof source IPs to send small packet...
Jun 26, 2024
CVE-2024-35194 is a denial-of-service vulnerability in Minder's templating engine that allows attackers to cause memory exhaustion and crashes by subm...
May 20, 2024
REXML, an XML toolkit for Ruby, has a denial of service vulnerability when parsing XML with many '<' characters in attribute values. Attackers can cau...
May 16, 2024
Open5GS v2.7.0 contains a vulnerability where an attacker can cause denial of service by sending 64 unsuccessful UE/gNB registration attempts. This af...
May 8, 2024
HP OfficeJet Pro printers are vulnerable to a Denial of Service attack when receiving a specially crafted eSCL URL GET request. This vulnerability all...
Mar 22, 2024
CVE-2025-58436 is a denial-of-service vulnerability in OpenPrinting CUPS where an attacker can send slow messages to the cupsd service, causing it to ...
Nov 29, 2025
A process residence vulnerability in Huawei's print module under abnormal scenarios could allow attackers to cause denial of service conditions. This ...
May 6, 2025
An authenticated high-privilege user can cause a denial-of-service condition in TP-Link Archer BE230 routers by restoring a crafted configuration file...
Feb 3, 2026
A Denial of Service vulnerability in Grav allows attackers to disrupt the admin panel by submitting malicious cron expressions in the scheduled_at par...
Dec 1, 2025
This vulnerability allows authenticated high-privilege attackers with network access via HTTP to cause denial of service (DoS) on Oracle ZFS Storage A...
Oct 21, 2025
This vulnerability allows high-privileged attackers with network access via HTTP to cause denial of service (DoS) on Oracle ZFS Storage Appliance Kit ...
Oct 21, 2025
This vulnerability in Oracle ZFS Storage Appliance Kit allows high-privileged attackers with network access via HTTP to cause denial of service by han...
Oct 21, 2025
This vulnerability in MySQL Server's InnoDB component allows authenticated high-privileged attackers to cause a denial of service by crashing or hangi...
Oct 21, 2025
This vulnerability in Oracle MySQL Server's optimizer component allows high-privileged attackers with network access to cause denial of service by cra...
Oct 21, 2025
This vulnerability allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hanging MySQL Server. It aff...
Oct 21, 2025
This vulnerability allows high-privileged attackers with network access via HTTP to cause a denial of service (DoS) on Oracle ZFS Storage Appliance Ki...
Oct 21, 2025
This vulnerability allows authenticated Splunk users with the 'change_authentication' capability to send multiple LDAP bind requests to a specific int...
Oct 1, 2025
This vulnerability allows a high-privileged remote attacker to cause denial of service by exhausting system resources through rapid crafted POST reque...
Jul 21, 2025
This vulnerability in MySQL Server's replication component allows authenticated high-privileged attackers to cause a denial of service (DoS) by crashi...
Jul 15, 2025
This vulnerability in MySQL Server's InnoDB component allows authenticated high-privilege attackers to cause denial of service by crashing or hanging ...
Jul 15, 2025
About Resource Exhaustion (CWE-400)
Our database tracks 701 CVEs classified as CWE-400, with 21 rated critical and 461 rated high severity. The average CVSS score for Resource Exhaustion vulnerabilities is 7.0.