CWE-400 · Uncontrolled Resource Consumption

3161 CVEs classified under CWE-400 (Uncontrolled Resource Consumption). Browse by severity and year.

Top CVEs for CWE-400
CVESeverityScorePublishedSummary
CVE-2021-44228Critical10.02021-12-10Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameter…
CVE-2026-46775Critical9.92026-05-28Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows…
CVE-2025-70327Critical9.82026-02-23TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The i…
CVE-2025-61303Critical9.82025-10-20Hatching Triage Sandbox Windows 10 build 2004 (2025-08-14) and Windows 10 LTSC 2021(2025-08-14) contains a vulnerability in its Windows behavioral analysis eng…
CVE-2025-43193Critical9.82025-07-30The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able…
CVE-2025-24269Critical9.82025-03-31The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to cause unexpected system termination.
CVE-2025-24264Critical9.82025-03-31The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18…
CVE-2025-24260Critical9.82025-03-31The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a p…
CVE-2025-24247Critical9.82025-03-31A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker ma…
CVE-2025-24211Critical9.82025-03-31This issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5…
CVE-2025-24190Critical9.82025-03-31The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5…
CVE-2024-45166Critical9.82024-08-22An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction…
CVE-2024-39462Critical9.82024-06-25In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num before accessing ->hws Commit f316cdff8d67 ("clk: Annotate st…
CVE-2022-48716Critical9.82024-06-20In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in…
CVE-2024-36543Critical9.82024-06-17Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, po…
CVE-2024-25718Critical9.82024-02-11In the Samly package before 1.4.0 for Elixir, Samly.State.Store.get_assertion/3 can return an expired session, which interferes with access control because Sam…
CVE-2023-41294Critical9.82023-09-25The DP module has a service hijacking vulnerability.Successful exploitation of this vulnerability may affect some Super Device services.
CVE-2023-28507Critical9.82023-03-29Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a memory-exhaustio…
CVE-2021-3821Critical9.82022-12-12A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Denial of Service when runni…
CVE-2013-20004Critical9.82022-02-06A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker coul…