CWE-400: Resource Exhaustion

An unauthenticated attacker can send a specially crafted large JSON payload to Argo CD's /api/webhook endpoint, causing excessive memory allocation th...

An unauthenticated attacker can send specific H.323 packets to Juniper SRX/MX Series devices, causing uncontrolled resource consumption that leads to ...

An unauthenticated attacker can send network traffic to Juniper Junos OS Evolved devices to cause uncontrolled memory consumption in the aftmand proce...

The 'images' npm package is vulnerable to Denial of Service (DoS) attacks when unexpected input types are provided to certain functions. Attackers can...

The @discordjs/opus package is vulnerable to Denial of Service (DoS) attacks where an attacker can crash the system by providing specially crafted inp...

This vulnerability allows attackers to cause a denial of service on Windows Online Certificate Status Protocol (OCSP) servers by sending specially cra...

This vulnerability allows attackers to cause a denial of service on Windows Online Certificate Status Protocol (OCSP) servers by sending specially cra...

CVE-2024-38015 is a denial-of-service vulnerability in Windows Remote Desktop Gateway (RD Gateway) that allows attackers to crash the service, disrupt...

This vulnerability in Apache Tomcat allows attackers to cause uncontrolled resource consumption through HTTP/2 connections. By sending excessive HTTP ...

An unauthenticated Denial of Service vulnerability in WhatsUp Gold allows attackers to force the application into the SetAdminPassword installation st...

An unauthenticated attacker can send specially crafted HTTP requests to the TestController Chart functionality in WhatsUp Gold, causing uncontrolled r...

This vulnerability in mintplex-labs/anything-llm allows attackers to cause a Denial of Service by creating users with excessively large usernames, whi...

This vulnerability allows unauthenticated remote attackers to cause denial of service by tricking Adminer/AdminerEvo into connecting to malicious serv...

This vulnerability in SAP NetWeaver AS Java allows attackers to perform denial-of-service attacks by exploiting unrestricted access to Meta Model Repo...

CVE-2024-33655, known as DNSBomb, is a DNS protocol vulnerability that allows remote attackers to cause denial of service by accumulating DNS queries ...

This vulnerability is a memory leak in the Linux kernel's traffic control subsystem. It allows attackers to cause denial of service by exhausting kern...

CVE-2024-34953 is a memory exhaustion vulnerability in taurusxin ncmdump v1.3.2 that allows attackers to cause Denial of Service (DoS) by supplying a ...

This vulnerability allows attackers to crash XAMPP servers on Windows by sending many incomplete HTTP requests, causing uncontrolled resource consumpt...

CVE-2024-5052 is a Denial of Service vulnerability in Cerberus Enterprise 8.0.10.3 web administration interface. Attackers can crash the service by fl...

This vulnerability is an incomplete fix for CVE-2022-41723 in the etcd package distributed with Red Hat OpenStack platform. It allows potential HTTP/2...

This vulnerability is an incomplete fix for the Rapid Reset HTTP/2 attack (CVE-2023-39325/CVE-2023-44487) in etcd packages distributed with Red Hat Op...

This vulnerability allows remote attackers to cause denial-of-service by sending excessive OPC UA ConditionRefresh requests to OPC Foundation UA .NET ...

CVE-2024-32663 is a memory exhaustion vulnerability in Suricata's HTTP/2 parser where small amounts of HTTP/2 traffic can cause excessive memory consu...

A remote denial of service vulnerability in LAN Messenger version 3.4.0 allows an attacker to crash the service by sending a long string continuously ...

A denial-of-service vulnerability in Delta Electronics DIAEnergie allows attackers to cause system restarts by sending specially crafted 'ICS Restart!...

This vulnerability allows unauthenticated remote attackers to cause denial-of-service by sending excessive OPC UA ConditionRefresh requests to Inducti...

This vulnerability allows remote attackers to cause a denial-of-service condition in Softing edgeConnector Siemens by sending excessive OPC UA Conditi...

A remote attacker can cause a denial of service in Hipcam Cameras RealServer v1.0 by sending a crafted script to the client_port parameter. This vulne...

s3-url-parser version 1.0.3 contains a denial of service vulnerability in its regexes component that allows attackers to cause resource exhaustion and...

This vulnerability is a denial-of-service flaw in O-RAN E2T's SCTP thread implementation where a malformed E2setup message can cause a crash when incr...

This vulnerability in PHP's mb_encode_mimeheader() function causes infinite loops when processing specific input patterns, leading to denial of servic...

CVE-2023-6596 is an incomplete fix for the Rapid Reset vulnerability (CVE-2023-44487/CVE-2023-39325) in OpenShift Container Platform. This allows atta...

This vulnerability in the DHCP Server Service allows an attacker to send specially crafted packets to cause a denial of service (DoS) condition, poten...

IBM Common Cryptographic Architecture (CCA) versions 7.0.0 through 7.5.36 contain a vulnerability in AES operation handling that could allow a remote ...

This vulnerability in XNIO's NotifierState can cause a stack overflow when notifier state chains become excessively large, leading to uncontrolled res...

CVE-2023-50967 is a denial-of-service vulnerability in latchset jose library versions through 11. Attackers can cause excessive CPU consumption by pro...

A vulnerability in FastDDS's HistoryQosPolicy component causes a SIGABRT (abort signal) when receiving DataWriter data, leading to denial of service. ...

This vulnerability allows attackers to perform a Slowloris-style denial-of-service attack against services using tls-listener with default configurati...

This vulnerability in Microsoft's QUIC protocol implementation allows attackers to cause denial of service by sending specially crafted network packet...

This vulnerability in .NET and Visual Studio allows attackers to cause a denial of service by sending specially crafted requests to affected systems. ...

A memory leak vulnerability in libheif's JpegEncoder::Encode function allows attackers to cause denial of service by exhausting system memory. This af...

This vulnerability in phpseclib allows attackers to cause denial of service by providing a malformed certificate with an extremely large prime number,...

Srelay v0.4.8p3 contains a vulnerability where specially crafted network payloads can trigger a denial of service condition, causing the SOCKS proxy s...

This vulnerability in Moodle's file picker unzip functionality allows attackers to cause denial of service by uploading specially crafted zip files th...

CVE-2024-24814 is a denial-of-service vulnerability in mod_auth_openidc where attackers can send specially crafted cookies with large integer values t...

This vulnerability in Windows DNS Client allows an attacker to cause a denial of service (DoS) condition by sending specially crafted DNS responses. A...

CVE-2024-24781 is an unauthenticated remote denial-of-service vulnerability where attackers can overwhelm a single Ethernet port with excessive traffi...

CVE-2024-24575 is a vulnerability in libgit2 where specially crafted inputs to the git_revparse_single function can cause an infinite loop, leading to...

CVE-2024-24762 is a regular expression denial of service (ReDoS) vulnerability in python-multipart, a streaming multipart parser for Python. Attackers...

This vulnerability in libexpat allows attackers to cause denial of service through resource consumption by sending specially crafted XML with large to...