46 matches found
CVE-2025-46638
Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...
CVE-2025-46638
Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...
EUVD-2025-210066
Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service DoS...
CVE-2026-8486 Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation
Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...
CVE-2025-14341 Input Data Manipulation in DivvyDrive Information Technologies' DivvyDrive
Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...
CVE-2026-29168 Apache HTTP Server: mod_md unrestricted OCSP response
Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the JSON component. An attacker can cause the server to hang or crash repeatedly by sending specially crafted requests over the network. Remediation Upgrade libmysqlclient to versi...
PT-2026-30221
Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this...
GO-2026-4674 flagd Vulnerable to Allocation of Resources Without Limits or Throttling in github.com/open-feature/flagd/flagd
flagd Vulnerable to Allocation of Resources Without Limits or Throttling in github.com/open-feature/flagd/flagd...
asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation
A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...
asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation
A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...
CVE-2025-57711
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-57708
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We hav...
CVE-2025-58471
CVE-2025-58471 affects QNAP Qsync Central. The issue is an allocation of resources without limits or throttling, which an admin-authenticated remote attacker could exploit to cause a denial of service by preventing other systems, applications, or processes from accessing the same type of resource...
CVE-2025-11044
An Allocation of Resources Without Limits or Throttling vulnerability in the ANSL-Server component of B&R Automation Runtime versions prior to 6.5 and prior to R4.93 could be exploited by an unauthenti-cated attacker on the network to win a race condition, resulting in permanent denial-of-service...
CVE-2025-10569 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to create a denial of service condition by providing crafted responses to external API calls...
CVE-2025-57705
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessin...
BIT-ELASTICSEARCH-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
PT-2025-52355
Name of the Vulnerable Software and Affected Versions Packetbeat affected versions not specified Description An unauthenticated remote attacker can cause excessive allocation of memory and CPU resources in Packetbeat through the manipulation of malicious IPv4 fragments. This resource exhaustion c...
CVE-2025-14466 Güralp Systems Fortimus Series, Minimus Series, and Certimus Series have an Allocation of Resources Without Limits or Throttling vulnerability
A vulnerability in the web interface of the Güralp Fortimus Series, Minimus Series and Certimus Series allows an unauthenticated attacker with network access to send specially-crafted HTTP requests that can cause the web service process to deliberately restart. Although this mechanism limits the...