CWE-400: Resource Exhaustion
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, leading to exhaustion.
All Resource Exhaustion CVEs (682)
A vulnerability in Binutils objdump allows attackers to cause denial of service or potentially other impacts via a specific function in match-o.c. Thi...
Aug 22, 2023

This vulnerability in GPAC (Multimedia Framework) allows remote attackers to cause a denial of service via resource exhaustion. It affects systems run...
Mar 27, 2023

This vulnerability in Podman allows attackers to create malicious containers that exhaust system memory through IPC resource exhaustion. When containe...
Aug 2, 2024

This CVE describes a Denial of Service vulnerability in GitHub Enterprise Server where an attacker can send a large payload to the Git server, causing...
Jul 16, 2024

This vulnerability in Cisco Smart Software Manager On-Prem allows an authenticated remote attacker to cause a denial of service (DoS) by sending multi...
Jul 6, 2022

This vulnerability allows authenticated remote attackers with low privileges to cause denial of service on Cisco IOS XE devices by exhausting resource...
Apr 15, 2022

This vulnerability in GitLab allows attackers to cause denial of service through uncontrolled resource consumption by uploading specially crafted file...
Oct 4, 2021

CVE-2026-28342 is an unauthenticated denial-of-service vulnerability in OliveTin's PasswordHash API endpoint. Attackers can send concurrent password h...
Mar 5, 2026

This vulnerability allows remote unauthenticated attackers to cause denial of service in Traefik by exploiting a TLS handshake flaw. Attackers can sen...
Mar 5, 2026

This vulnerability in Eclipse Jetty's GzipHandler causes a memory leak when processing compressed HTTP requests without compressed responses. Attacker...
Mar 5, 2026

This vulnerability in cpp-httplib allows attackers to bypass configured payload size limits by sending compressed HTTP requests. When using streaming ...
Mar 4, 2026

This vulnerability in pypdf allows attackers to craft malicious PDF files that cause denial of service by exhausting system RAM when the XFA property ...
Feb 26, 2026

TinyWeb versions before 2.02 are vulnerable to Slowloris denial-of-service attacks where attackers can exhaust server resources by opening many connec...
Feb 26, 2026

This vulnerability in ImageMagick allows attackers to cause denial of service by exploiting an infinite loop in PCD file processing. When ImageMagick ...
Feb 24, 2026

This vulnerability allows remote attackers to crash the web service on Bematech MP-4200 TH printers by sending specially crafted POST requests to the ...
Feb 18, 2026

This vulnerability allows unauthenticated attackers to cause denial of service in Traefik reverse proxy by exploiting a STARTTLS timeout bypass. Attac...
Feb 12, 2026

This vulnerability in Halo blogging software allows remote attackers to cause denial of service by sending specially crafted payloads to the public co...
Feb 12, 2026

This CVE describes a memory handling vulnerability in Apple operating systems and Safari that could allow a remote attacker to cause denial-of-service...
Feb 11, 2026

This CVE describes a Bluetooth denial-of-service vulnerability affecting multiple Apple operating systems. An attacker in a privileged network positio...
Feb 11, 2026

AdonisJS multipart file upload handler has a memory exhaustion vulnerability that allows attackers to cause denial of service by uploading specially c...
Feb 6, 2026

CVE-2025-71031 is a denial-of-service vulnerability in Water-Melon Melon's HTTP component that lacks request header length limits. Attackers can crash...
Feb 4, 2026

This vulnerability in apko allows attackers who control or compromise APK repositories to cause resource exhaustion on build hosts. By serving a small...
Feb 4, 2026

A vulnerability in Samsung Exynos processors and modems allows denial of service attacks through improper handling of NAS Registration messages. Attac...
Feb 3, 2026

This vulnerability in huggingface/text-generation-inference allows unauthenticated attackers to trigger resource exhaustion by exploiting unbounded ex...
Feb 2, 2026

A GPU device-ID validation flaw in OneFlow's CUDA component allows attackers to trigger a Denial of Service (DoS) by providing a crafted device ID. Th...
Jan 28, 2026

A vulnerability in OneFlow v0.9.0's flow.cuda.BoolTensor component allows attackers to cause Denial of Service (DoS) by sending specially crafted inpu...
Jan 28, 2026

A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Service (DoS) by calling flow.cuda.get_device_properties() w...
Jan 28, 2026

This vulnerability in Grafana allows attackers to cause denial of service by exhausting system memory through uncontrolled goroutine creation. Attacke...
Jan 27, 2026

Multiple denial of service vulnerabilities in React Server Components allow attackers to crash servers or cause resource exhaustion by sending special...
Jan 26, 2026

This vulnerability in jsdiff library allows denial-of-service attacks through infinite loops and resource exhaustion when parsing patches containing s...
Jan 22, 2026

A Node.js TLS vulnerability allows remote attackers to crash TLS servers or cause resource exhaustion by triggering unhandled exceptions in PSK or ALP...
Jan 20, 2026

A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash due to an unhandled TLSSocket ECONNRESET error, enablin...
Jan 20, 2026

A memory leak vulnerability in Node.js's OpenSSL integration allows remote attackers to cause denial of service through resource exhaustion. When appl...
Jan 20, 2026

A denial-of-service vulnerability in ArmorStart LT industrial motor controllers causes unexpected device reboots when subjected to specific EtherNet/I...
Jan 20, 2026

A denial-of-service vulnerability in ArmorStart LT industrial motor controllers causes unexpected device reboots when processing specific network traf...
Jan 20, 2026

A denial-of-service vulnerability in ArmorStart LT industrial motor controllers allows attackers to crash the CIP port by sending specially crafted pa...
Jan 20, 2026

ChatterBot versions up to 1.2.10 are vulnerable to denial-of-service due to improper database connection pool management. Concurrent calls to the get_...
Jan 19, 2026

CVE-2026-0517 is a denial-of-service vulnerability in Secure Access Server where an attacker can crash the server by sending a specially crafted packe...
Jan 17, 2026

This vulnerability in NanoMQ allows attackers to cause a denial of service by sending crafted requests that cause the recv-q queue to fill up, leading...
Jan 15, 2026

A denial-of-service vulnerability in Firefox and Thunderbird's DOM Service Workers component allows attackers to crash the browser or email client. Th...
Jan 13, 2026

This vulnerability affects multiple Siemens SIMATIC industrial control system modules. An attacker can send a specially crafted S7 protocol disconnect...
Jan 13, 2026

A vulnerability in Hero Motocorp Vida V1 Pro 2.0.7 allows local attackers to cause denial of service via the Bluetooth Low Energy (BLE) component. Thi...
Jan 9, 2026

This vulnerability in Insiders Technologies GmbH e-invoice pro allows remote attackers to cause denial of service via crafted scripts. The issue affec...
Jan 8, 2026

A vulnerability in Samsung Exynos processors allows incorrect handling of RRC (Radio Resource Control) packets, leading to denial of service. This aff...
Jan 5, 2026

MessagePack for Java versions before 0.9.11 contain a denial-of-service vulnerability where deserializing malicious .msgpack files with specially craf...
Jan 2, 2026

A vulnerability in BinUtils' cp-demangle.c function allows attackers to cause denial of service through crafted PE files. This affects systems using B...
Dec 29, 2025

A vulnerability in libxmljs 1.0.11 allows attackers to cause a segmentation fault and denial-of-service by parsing a specially crafted XML document th...
Dec 26, 2025

CVE-2025-67726 is a denial-of-service vulnerability in Tornado web framework where inefficient parsing of HTTP header parameters allows attackers to c...
Dec 12, 2025

A denial-of-service vulnerability in Tornado web framework allows a single malicious HTTP request to block the server's event loop by exploiting ineff...
Dec 12, 2025

A denial-of-service vulnerability in the logrus logging library allows attackers to crash applications by logging single-line payloads larger than 64K...
Dec 4, 2025

About Resource Exhaustion (CWE-400)
Our database tracks 682 CVEs classified as CWE-400, with 21 rated critical and 442 rated high severity. The average CVSS score for Resource Exhaustion vulnerabilities is 7.0.
External reference: View CWE-400 on MITRE CWE →