Allocation of Resources Without Limits or Throttling

Overview github.com/free5gc/pcf/internal/sbi/processor is a None Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. via repeated HTTP requests to the OAM endpoint, which trigger the router.Use process. An attacker can exhaust system memory an...

Uncontrolled Resource Consumption

github.com/containerd/containerd is vulnerable to uncontrolled resource consumption. The vulnerability is due to goroutine leaks in the attach mechanism, which allows an attacker to exhaust host memory by repeatedly initiating attach requests...

EUVD-2026-14565

OpenClaw before 2026.3.1 contains an unbounded memory growth vulnerability in the Zalo webhook endpoint that allows unauthenticated attackers to trigger memory exhaustion by varying query strings. Attackers can send repeated requests with different query parameters to the same webhook route,...

CVE-2025-10867

An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1 that could have allowed an authenticated user to create a denial-of-service condition by exploiting an unprotected GraphQL API through repeated requests...

CVE-2013-0699

The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests."...

CVE-2024-10511

The provided connected documents identify CVE-2024-10511 as an Improper Authentication (CWE-287) vulnerability in Schneider Electric PowerChute Serial Shutdown. The issue can cause Denial of Access to the PCSS web UI when a local-network attacker repeatedly requests the /accessdenied endpoint. Af...

Denial Of Service (DoS)

github.com/mattermost/mattermost-server is vulnerable to Denial Of Service. The vulnerability is due to a lack of session limit enforcement, enabling an authenticated attacker to crash the server by flooding the sessions table through repeated requests to the getSessions API...

CVE-2023-49706

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. Attackers must generate repeated API requests to trigger a race condition with...

CVE-2022-40306

The login form /Login in ECi Printanista Hub formerly FMAudit Printscout before 5.5.2 July 2023 performs expensive RSA key-generation operations, which allows attackers to cause a denial of service DoS by requesting that form repeatedly...

CVE-2020-27834

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2019-20899

The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1...

CVE-2019-4165

IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to cause a denial of service attack using repeated requests to the server. IBM X-Force ID: 158698...

IBM StoredIQ Input Validation Error Vulnerability

IBM StoredIQ is a suite of data visualization and processing platforms from IBM, USA. The platform provides scalable analytics and governance of unstructured data, as well as records management, storage optimization and migration of data. An input validation error vulnerability exists in IBM...

Stage File Proxy - Less critical - Denial of Service - SA-CONTRIB-2019-044

Stage File Proxy is a general solution for getting production files on a development server on demand. The module doesn't sufficiently validate requested urls, allowing an attacker to send repeated requests for files that do not exist which could exhaust resources on the server where Stage File...

CVE-2013-0699

The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests."...

CVE-2013-0699

The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests."...

flash-plugin: crash caused by SWF files with different SWF versions obtained from the same URL

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service NULL pointer dereference and browser crash by returning a different response when an HTTP request is sent a second time, as demonstrated by two...

Proxy accepts CONNECT requests to itself

The proxy allows the users to perform repeated CONNECT requests to itself. Note that if the proxy limits the number of connections from a single IP e.g. acl maxconn with Squid, it is protected against saturation and you may ignore this alert. SPDX-FileCopyrightText: 2005 Michel Arboi Some text...

CVE-2000-0410

ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory...