CWE-400: Resource Exhaustion

This vulnerability in CRI-O allows attackers with Kube API access to cause memory or disk space exhaustion on Kubernetes nodes by executing commands t...

MinIO object storage systems are vulnerable to a denial-of-service attack where HTTP clients can establish connections that never close, causing unend...

A denial-of-service vulnerability in Play Framework's forms library allows attackers to crash applications by sending deeply-nested JSON objects. This...

This vulnerability in F5 BIG-IP DNS listeners allows attackers to send specially crafted DNS requests that cause excessive memory consumption, potenti...

This vulnerability in SonicWall firewalls allows attackers to bypass security policies by sending TCP traffic through HTTP/S channels from WAN to DMZ ...

CVE-2022-24863 is a denial-of-service vulnerability in http-swagger where improper HTTP method handling allows attackers to exhaust system memory. Thi...

CVE-2022-21155 is a denial-of-service vulnerability in Fernhill SCADA Server where a specially crafted network packet can cause the server process to ...

Nokogiri versions before 1.13.4 contain an inefficient regular expression that causes excessive backtracking when detecting encoding in HTML documents...

CVE-2022-24726 is a denial-of-service vulnerability in Istio's control plane (istiod) where a specially crafted message to the validating webhook endp...

CVE-2022-24713 is a vulnerability in the Rust regex crate where built-in mitigations against regex-based denial of service attacks can be bypassed. Th...

This vulnerability allows attackers to flood temporary log locations in Trend Micro security agents, consuming all disk space and causing denial-of-se...

CVE-2022-21698 is a denial-of-service vulnerability in Prometheus client_golang's promhttp package where HTTP servers using certain instrumentation mi...

CVE-2022-22543 is a denial-of-service vulnerability in SAP NetWeaver ABAP Kernel where insufficient validation of SAP-Passport information allows unau...

This CVE describes a stack overflow vulnerability in TensorFlow's GraphDef format that occurs when loading a SavedModel containing self-recursive func...

This vulnerability allows attackers to cause denial of service on Schneider Electric Modicon M340 PLCs by flooding open TCP ports with RST or FIN pack...

A denial of service vulnerability in Reolink RLC-410W cameras allows attackers to prevent legitimate users from logging in by sending specially-crafte...

This vulnerability in F5 BIG-IP systems causes memory exhaustion when specific SSL configurations are enabled. Attackers can trigger resource consumpt...

This vulnerability in F5 BIG-IP AFM's IPsec ALG logging profile causes the Traffic Management Microkernel (TMM) to terminate when processing specific ...

This vulnerability allows unauthenticated attackers to cause a denial of service by flooding traffic to the out-of-band management ethernet port on Ju...

CVE-2022-21680 is a regular expression denial of service (ReDoS) vulnerability in the marked JavaScript markdown parser. Attackers can craft malicious...

This vulnerability allows attackers to cause denial of service by searching for extremely long language names in MediaWiki's Language Name Search feat...

CVE-2021-43854 is a regular expression denial of service (ReDoS) vulnerability in NLTK's tokenization functions. Attackers can craft malicious input t...

CVE-2021-41014 is a denial-of-service vulnerability in Fortinet FortiWeb web application firewalls where unauthenticated attackers can send specially ...

This vulnerability allows attackers to cause denial of service in Huawei smartphones by exploiting uncontrolled resource consumption in the screen pro...

An unauthenticated denial of service vulnerability in Citrix ADC (formerly NetScaler) allows attackers to temporarily disrupt the Management GUI, Nitr...

An unauthenticated administrator can cause denial of service on Pulse Connect Secure devices by sending malformed requests. This affects Pulse Connect...

CVE-2021-41167 is a concurrency control vulnerability in the modern-async JavaScript library where forEachSeries and forEachLimit functions fail to li...

This vulnerability allows unauthenticated attackers to cause a denial of service by flooding traffic to the out-of-band management ethernet port on af...

CVE-2021-37136 is a denial-of-service vulnerability in Netty's Bzip2Decoder that allows attackers to trigger out-of-memory errors by sending specially...

This vulnerability affects Siemens RUGGEDCOM ROX industrial network devices, allowing attackers to cause permanent denial-of-service by exploiting imp...

This vulnerability in VMware vCenter Server allows attackers with network access to port 443 to trigger excessive memory consumption in the VPXD servi...

Flask-RESTX versions before 0.5.1 contain a vulnerable regular expression for email validation that can be exploited for Regular Expression Denial of ...

CVE-2021-32839 is a regular expression denial of service (ReDoS) vulnerability in sqlparse, a Python SQL parser library. The vulnerability allows atta...

This vulnerability in iPortalis iCS allows attackers to trigger repeated .NET Input Validation errors through crafted requests, causing log file growt...

This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in Apache Roller where user-controlled inputs (Referer header, request...

A denial-of-service vulnerability in Siemens Automation License Manager allows attackers to crash the service by sending specially crafted packets to ...

CVE-2021-36716 is a regular expression denial of service (ReDoS) vulnerability in the Segment is-email npm package for Node.js. Attackers can cause ex...

Spring Security OAuth 2.0 clients are vulnerable to denial-of-service attacks where attackers can exhaust system resources by repeatedly initiating au...

This vulnerability in Tor allows an attacker to manipulate circuit ID hashing, potentially causing algorithm inefficiency that could degrade performan...

A denial-of-service vulnerability in Apache CXF's JsonMapObjectReaderWriter allows attackers to send specially crafted JSON payloads to web services, ...

This vulnerability in Ruby on Rails' Actionpack gem allows attackers to cause denial of service through token authentication. A too-permissive regular...

This vulnerability allows remote unauthenticated attackers to cause denial of service (DoS) on Mitsubishi Electric MELSEC iQ-R series CPU modules by e...

CVE-2020-14326 is a denial-of-service vulnerability in RESTEasy's RootNode caching mechanism that allows attackers to cause hash flooding, resulting i...

This vulnerability in the trim-newlines Node.js package allows attackers to cause a denial-of-service (DoS) condition through a regular expression den...

This vulnerability in Prosody XMPP servers allows remote attackers to cause denial-of-service via memory exhaustion without authentication. It affects...

A vulnerability in Siemens SIMATIC NET CP 343-1 communication processors allows remote attackers to cause a Denial-of-Service condition by sending spe...

CVE-2021-31409 is a denial-of-service vulnerability in Vaadin's EmailValidator component where unsafe regular expression validation allows attackers t...

This vulnerability in OX Guard allows attackers to cause Denial of Service by exploiting a WKS server that responds slowly or with excessive data. It ...

This vulnerability allows attackers to cause denial of service through resource exhaustion by submitting specially crafted email addresses that trigge...

This vulnerability allows attackers to cause denial of service (DoS) by submitting specially crafted email addresses that trigger inefficient regular ...