Vulnerabilities (CVE)

Filtered by CWE-770
Total 1167 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-43768 1 Couchbase 1 Couchbase Server 2025-04-23 N/A 7.5 HIGH
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
CVE-2023-45873 1 Couchbase 1 Couchbase Server 2025-04-23 N/A 6.5 MEDIUM
An issue was discovered in Couchbase Server through 7.2.2. A data reader may cause a denial of service (application exist) because of the OOM killer.
CVE-2025-32959 2025-04-23 N/A 6.5 MEDIUM
CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run out of space and return HTTP 500 error, resulting in a denial of service. This issue has been patched in version 7.2.23. A workaround is provided on the Jmix documentation website.
CVE-2022-20485 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702935
CVE-2022-20484 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242702851
CVE-2022-20480 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764350
CVE-2023-51297 1 Phpjabbers 1 Hotel Booking System 2025-04-22 N/A 6.5 MEDIUM
A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
CVE-2022-20479 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764340
CVE-2022-20478 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241764135
CVE-2022-20487 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703202
CVE-2022-20486 1 Google 1 Android 2025-04-22 N/A 7.8 HIGH
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703118
CVE-2017-5835 1 Libimobiledevice 1 Libplist 2025-04-20 5.0 MEDIUM 7.5 HIGH
libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
CVE-2017-9039 1 Gnu 1 Binutils 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
CVE-2017-1227 1 Ibm 1 Bigfix Platform 2025-04-20 7.8 HIGH 7.5 HIGH
IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906.
CVE-2017-5850 1 Openbsd 1 Openbsd 2025-04-20 7.8 HIGH 7.5 HIGH
httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header.
CVE-2017-12432 1 Imagemagick 1 Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.
CVE-2017-0771 1 Google 1 Android 2025-04-20 7.1 HIGH 5.5 MEDIUM
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37624243.
CVE-2017-0725 1 Google 1 Android 2025-04-20 4.3 MEDIUM 5.5 MEDIUM
A denial of service vulnerability in the Android media framework (libskia). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-37627194.
CVE-2017-12875 1 Imagemagick 1 Imagemagick 2025-04-20 7.1 HIGH 6.5 MEDIUM
The WritePixelCachePixels function in ImageMagick 7.0.6-6 allows remote attackers to cause a denial of service (CPU consumption) via a crafted file.
CVE-2017-6713 1 Cisco 1 Elastic Services Controller 2025-04-20 10.0 HIGH 9.8 CRITICAL
A vulnerability in the Play Framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to gain full access to the affected system. The vulnerability is due to static, default credentials for the Cisco ESC UI that are shared between installations. An attacker who can extract the static credentials from an existing installation of Cisco ESC could generate an admin session token that allows access to all instances of the ESC web UI. This vulnerability affects Cisco Elastic Services Controller prior to releases 2.3.1.434 and 2.3.2. Cisco Bug IDs: CSCvc76627.