CWE-400 — Uncontrolled Resource Consumption (Denial of Service)
3,206 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-400 (page 2 of 65)
- CVE-2011-0762 | NONE | CVSS 0.0 | EG 0.0 | 2011-03-02
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple F…
- CVE-2011-0985 | NONE | CVSS 0.0 | EG 0.0 | 2011-02-10
Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.
- CVE-2011-0999 | NONE | CVSS 0.0 | EG 0.0 | 2011-02-23
mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local users to cause a denial of service (mem…
- CVE-2011-1082 | NONE | CVSS 0.0 | EG 0.0 | 2011-04-04
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (dea…
- CVE-2011-1083 | NONE | CVSS 0.0 | EG 0.0 | 2011-04-04
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epo…
- CVE-2011-1459 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-11-05
The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.
- CVE-2011-1474 | MEDIUM | CVSS 5.5 | EG 5.5 | 2019-12-26
A locally exploitable DOS vulnerability was found in pax-linux versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch. A bad bounds check in arch_get_unmapped_area_topdown triggered by programs doing an mmap…
- CVE-2011-1640 | HIGH | CVSS 7.5 | EG 7.5 | 2011-10-22
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs,…
- CVE-2011-2189 | HIGH | CVSS 7.5 | EG 7.5 | 2011-10-10
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption…
- CVE-2011-2491 | NONE | CVSS 0.0 | EG 0.0 | 2013-03-01
The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel before 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.
- CVE-2011-2689 | NONE | CVSS 0.0 | EG 0.0 | 2011-07-28
The gfs2_fallocate function in fs/gfs2/file.c in the Linux kernel before 3.0-rc1 does not ensure that the size of a chunk allocation is a multiple of the block size, which allows local users to cause a denial of service (BUG and system cra…
- CVE-2011-2906 | MEDIUM | CVSS 5.5 | EG 5.5 | 2012-05-24
Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size …
- CVE-2011-2918 | MEDIUM | CVSS 5.5 | EG 5.5 | 2012-05-24
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted appl…
- CVE-2011-3192 | NONE | CVSS 0.0 | EG 9.0 | 2011-08-29
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping r…
- CVE-2011-3336 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-12
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
- CVE-2011-3348 | NONE | CVSS 0.0 | EG 0.0 | 2011-09-20
The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error state" in the backend server) via a malfo…
- CVE-2011-3954 | NONE | CVSS 0.0 | EG 0.0 | 2012-02-09
Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service (application crash) via vectors that trigger a large amount of database usage.
- CVE-2011-4082 | HIGH | CVSS 7.5 | EG 7.5 | 2019-11-26
A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. A remote attacker could use this flaw to cause a denial of service via specially-crafted request.
- CVE-2011-4838 | NONE | CVSS 0.0 | EG 0.0 | 2011-12-30
JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application t…
- CVE-2011-5056 | NONE | CVSS 0.0 | EG 0.0 | 2012-01-08
The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which might allow local users to cause a denial of service (CPU consumption) via c…
- CVE-2012-0024 | NONE | CVSS 0.0 | EG 0.0 | 2012-01-08
MaraDNS before 1.3.07.12 and 1.4.x before 1.4.08 computes hash values for DNS data without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by send…
- CVE-2012-0049 | MEDIUM | CVSS 4.3 | EG 4.3 | 2019-11-07
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
- CVE-2012-0058 | MEDIUM | CVSS 5.5 | EG 5.5 | 2012-05-17
The kiocb_batch_free function in fs/aio.c in the Linux kernel before 3.2.2 allows local users to cause a denial of service (OOPS) via vectors that trigger incorrect iocb management.
- CVE-2012-0260 | MEDIUM | CVSS 6.5 | EG 6.5 | 2012-06-05
The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers.
- CVE-2012-0382 | HIGH | CVSS 7.5 | EG 7.5 | 2012-03-29
The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows …
- CVE-2012-0785 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-24
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU lo…
- CVE-2012-0810 | MEDIUM | CVSS 5.5 | EG 5.5 | 2020-02-12
The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.
- CVE-2012-0876 | NONE | CVSS 0.0 | EG 0.0 | 2012-07-03
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an X…
- CVE-2012-0877 | HIGH | CVSS 7.5 | EG 7.5 | 2019-11-22
PyXML: Hash table collisions CPU usage Denial of Service
- CVE-2012-0879 | MEDIUM | CVSS 5.5 | EG 5.5 | 2012-05-17
The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an …
- CVE-2012-1572 | HIGH | CVSS 7.5 | EG 7.5 | 2019-11-12
OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space
- CVE-2012-4863 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-01-23
IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability
- CVE-2012-5362 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-20
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
- CVE-2012-5363 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-20
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
- CVE-2012-5364 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-20
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
- CVE-2012-5365 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-20
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
- CVE-2012-5366 | HIGH | CVSS 7.5 | EG 7.5 | 2020-02-20
The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
- CVE-2012-5645 | HIGH | CVSS 7.5 | EG 7.5 | 2019-12-30
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive…
- CVE-2012-6083 | HIGH | CVSS 7.5 | EG 7.5 | 2020-01-23
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
- CVE-2012-6638 | NONE | CVSS 0.0 | EG 0.0 | 2014-02-15
The tcp_rcv_state_process function in net/ipv4/tcp_input.c in the Linux kernel before 3.2.24 allows remote attackers to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets, a different vulnerability t…
- CVE-2013-20004 | CRITICAL | CVSS 9.8 | EG 9.8 | 2022-02-06
A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target mu…
- CVE-2013-2128 | MEDIUM | CVSS 5.5 | EG 5.5 | 2013-06-07
The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.
- CVE-2013-2763 | NONE | CVSS 0.0 | EG 0.0 | 2013-04-04
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attac…
- CVE-2013-3074 | HIGH | CVSS 7.5 | EG 7.5 | 2020-01-28
NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash).
- CVE-2013-3691 | HIGH | CVSS 7.5 | EG 7.5 | 2019-12-11
AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL.
- CVE-2013-4120 | HIGH | CVSS 7.5 | EG 7.5 | 2019-12-10
Katello has a Denial of Service vulnerability in API OAuth authentication
- CVE-2013-4175 | MEDIUM | CVSS 5.5 | EG 5.5 | 2020-01-23
MySecureShell 1.31 has a Local Denial of Service Vulnerability
- CVE-2013-4602 | MEDIUM | CVSS 5.5 | EG 5.5 | 2020-02-12
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.
- CVE-2013-5567 | NONE | CVSS 0.0 | EG 0.0 | 2014-07-14
Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and de…
- CVE-2013-7470 | MEDIUM | CVSS 5.9 | EG 5.9 | 2019-04-23
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerabili…