CWE-770: CWE-770

Total CVEs: 505
Critical: 6
High: 275
Avg CVSS: 6.8

Yearly Trend

2026: 99
2025: 213
2024: 98
2023: 51
2022: 18

Top Affected Vendors

1. GitLab: 33
2. IBM: 25
3. Oracle: 15
4. QNAP: 14
5. Linux: 13
6. F5: 10
7. Cisco: 9
8. Apple: 9
9. Debian: 9
10. Samsung: 9

All CWE-770 CVEs (505)

CVE-2023-45130
7.5

This vulnerability in Frontier (Substrate's Ethereum compatibility layer) allows attackers to craft contracts with excessive storage values and trigge...

Oct 13, 2023
CVE-2023-5072
7.5

CVE-2023-5072 is a denial-of-service vulnerability in JSON-Java library where specially crafted JSON input causes excessive memory consumption, potent...

Oct 12, 2023
CVE-2023-45142
7.5

OpenTelemetry-Go Contrib's otelhttp.NewHandler wrapper has unbound cardinality for HTTP method and User-Agent attributes, allowing attackers to send r...

Oct 12, 2023
CVE-2023-40542
7.5

This vulnerability in F5 BIG-IP systems allows attackers to cause memory exhaustion through specially crafted TCP requests when TCP Verified Accept is...

Oct 10, 2023
CVE-2023-45371
7.5

This vulnerability allows attackers to perform unlimited item merging operations in Wikibase, potentially disrupting data integrity and availability. ...

Oct 9, 2023
CVE-2023-43642
7.5

The snappy-java library is vulnerable to denial of service attacks when processing compressed data with maliciously large chunk sizes. This affects al...

Sep 25, 2023
CVE-2023-37279
7.5

This vulnerability allows denial of service attacks against Faktory web dashboard instances by sending crafted malicious URL query parameters. Attacke...

Sep 20, 2023
CVE-2023-38039
7.5

CVE-2023-38039 is a memory exhaustion vulnerability in curl/libcurl where a malicious server can send unlimited HTTP headers, causing curl to consume ...

Sep 15, 2023
CVE-2023-39322
7.5

This vulnerability in QUIC implementations allows malicious connections to cause unbounded memory growth by sending excessively large post-handshake m...

Sep 8, 2023
CVE-2023-39533
7.5

This vulnerability allows malicious peers to perform resource exhaustion attacks by sending large RSA keys during Noise handshake or x509 extension ve...

Aug 8, 2023
CVE-2023-39269
7.5

A denial-of-service vulnerability in the web server of multiple Siemens RUGGEDCOM industrial networking devices allows attackers to crash the web inte...

Aug 8, 2023
CVE-2023-36461
7.5

This vulnerability in Mastodon allows malicious servers to perform slowloris-type attacks by extending HTTP response durations indefinitely. This can ...

Jul 6, 2023
CVE-2023-36814
7.5

CVE-2023-36814 is a vulnerability in Products.CMFCore that allows unauthenticated attackers to cause denial of service and crashes by exploiting unsaf...

Jul 3, 2023
CVE-2023-36370
7.5

This vulnerability in MonetDB Server's gc_col component allows attackers to execute crafted SQL statements that cause a Denial of Service (DoS) by cra...

Jun 22, 2023
CVE-2023-36366
7.5

A vulnerability in MonetDB Server's log_create_delta component allows attackers to cause Denial of Service (DoS) by sending crafted SQL statements. Th...

Jun 22, 2023
CVE-2023-36368
7.5

A vulnerability in MonetDB Server's cs_bind_ubat component allows attackers to cause Denial of Service (DoS) by sending specially crafted SQL statemen...

Jun 22, 2023
CVE-2022-48498
7.5

This vulnerability involves configuration defects in the secure OS module of certain Huawei devices, allowing attackers to cause denial-of-service con...

Jun 19, 2023
CVE-2023-21144
7.5

This vulnerability in Android's notification system allows remote attackers to cause temporary denial of service by sending specially crafted notifica...

Jun 15, 2023
CVE-2023-2666
7.5

CVE-2023-2666 is an allocation of resources without limits vulnerability in Froxlor server management panel. Attackers can cause resource exhaustion (...

May 12, 2023
CVE-2023-31472
7.5

This CVE describes a command injection vulnerability in GL.iNet devices that allows attackers to create empty files anywhere on the filesystem. The vu...

May 9, 2023
CVE-2023-30455
7.5

This vulnerability allows attackers to cause a Denial-of-Service condition in ebankIT banking platforms by sending specially crafted requests with exc...

Apr 28, 2023
CVE-2023-0383
7.5

This vulnerability in M-Files Server allows attackers to cause denial of service through uncontrolled memory consumption. By sending specially crafted...

Apr 20, 2023
CVE-2018-15472
7.5

This vulnerability in GitLab allows attackers to cause denial of service by exploiting a timeout issue in the diff formatter using rouge in Sidekiq jo...

Apr 15, 2023
CVE-2023-30636
7.5

This vulnerability in TiKV allows remote attackers to cause denial of service by triggering a fatal error when attempting to start a node while exceed...

Apr 13, 2023
CVE-2023-26964
7.5

This vulnerability in hyper v0.13.7's h2-0.2.4 component causes excessive memory and CPU consumption when processing HTTP/2 RST_STREAM frames, leading...

Apr 11, 2023
CVE-2022-43768
7.5

A denial-of-service vulnerability exists in the webserver of multiple Siemens SIMATIC communication processors. Attackers can crash the webserver comp...

Apr 11, 2023
CVE-2023-28867
7.5

CVE-2023-28867 is a denial-of-service vulnerability in GraphQL Java (graphql-java) where an attacker can send a specially crafted GraphQL query that c...

Mar 27, 2023
CVE-2023-28119
7.5

CVE-2023-28119 is a denial-of-service vulnerability in the crewjam/saml Go library where unlimited decompression of SAML requests can crash the server...

Mar 22, 2023
CVE-2023-28104
7.5

This vulnerability in silverstripe/graphql allows attackers to execute denial-of-service attacks via specially crafted GraphQL queries. It primarily a...

Mar 16, 2023
CVE-2023-27900
7.5

This vulnerability in Jenkins allows attackers to cause denial of service by exploiting improper request handling in the Apache Commons FileUpload lib...

Mar 10, 2023
CVE-2022-31394
7.5

This vulnerability in Hyperium Hyper HTTP libraries allows attackers to perform HTTP/2 attacks by exploiting the inability to customize max_header_lis...

Feb 21, 2023
CVE-2023-26249
7.5

Knot Resolver before version 5.6.0 contains a resource consumption vulnerability where a single DNS query can trigger up to 100 TCP connection attempt...

Feb 21, 2023
CVE-2023-24998
7.5

Apache Commons FileUpload before version 1.5 has a denial-of-service vulnerability where attackers can overwhelm systems by sending unlimited file upl...

Feb 20, 2023
CVE-2023-25156
7.5

Kiwi TCMS versions before 12.0 lack rate limiting on the login page, allowing attackers to perform brute-force attacks against user credentials. This ...

Feb 15, 2023
CVE-2023-25578
7.5

CVE-2023-25578 is a denial-of-service vulnerability in Starlite ASGI framework where unauthenticated attackers can send specially crafted multipart re...

Feb 15, 2023
CVE-2023-25577
7.5

CVE-2023-25577 is a denial-of-service vulnerability in Werkzeug's multipart form data parser that allows attackers to cause high CPU and memory consum...

Feb 14, 2023
CVE-2023-25576
7.5

CVE-2023-25576 is a denial-of-service vulnerability in @fastify/multipart plugin where attackers can send unlimited multipart parts (files, fields, or...

Feb 14, 2023
CVE-2023-25193
7.5

This vulnerability in HarfBuzz text shaping engine allows attackers to cause denial of service through algorithmic complexity attacks. By providing sp...

Feb 4, 2023
CVE-2023-23969
7.5

This vulnerability in Django allows attackers to cause denial-of-service by sending HTTP requests with extremely large Accept-Language headers, which ...

Feb 1, 2023
CVE-2023-23846
7.5

CVE-2023-23846 is a denial-of-service vulnerability in Open5GS GTP library where specially crafted GTPv1-U messages with zero-length extension headers...

Feb 1, 2023
CVE-2022-22212
7.5

This CVE describes an unauthenticated resource exhaustion vulnerability in Juniper Junos OS Evolved's Packet Forwarding Engine. An attacker can send h...

Jul 20, 2022
CVE-2021-31645
7.5

This vulnerability in glFTPd 2.11a allows remote attackers to cause a denial of service by exceeding the connection limit, crashing the FTP server. It...

Jul 7, 2022
CVE-2022-22979
7.5

A caching vulnerability in Spring Cloud Function's Function Catalog component allows attackers to cause denial-of-service conditions by exploiting loo...

Jun 21, 2022
CVE-2021-35096
7.5

This vulnerability in Qualcomm Snapdragon chipsets involves improper memory allocation during counter check DLM handling, which can cause denial of se...

Jun 14, 2022
CVE-2022-22278
7.5

This vulnerability in SonicWall SonicOS CFS allows attackers to cause HTTP Denial of Service (DoS) by triggering large 403 forbidden responses when ac...

Apr 27, 2022
CVE-2021-44502
7.5

This vulnerability in FIS GT.M/YottaDB allows attackers to control the size parameter of a memset function through crafted input to util_format in sr_...

Apr 15, 2022
CVE-2022-21822
7.5

CVE-2022-21822 is a resource exhaustion vulnerability in NVIDIA FLARE's admin interface that allows unauthenticated attackers to cause denial of servi...

Mar 17, 2022
CVE-2021-32476
7.5

This vulnerability in Moodle's draft files area allows attackers to cause denial-of-service by bypassing user file upload limits. It affects Moodle in...

Mar 11, 2022
CVE-2022-24685
7.5

This vulnerability in HashiCorp Nomad allows attackers to submit specially crafted HCL job configurations to the jobs parse endpoint, causing excessiv...

Feb 28, 2022
CVE-2022-23228
7.5

CVE-2022-23228 is an improper WebRTC input validation vulnerability in Pexip Infinity that allows unauthenticated remote attackers to cause denial of ...

Feb 18, 2022

About CWE-770 (CWE-770)

Our database tracks 505 CVEs classified as CWE-770, with 6 rated critical and 275 rated high severity. The average CVSS score for CWE-770 vulnerabilities is 6.8.

External reference: CWE-770 on MITRE CWE
