Weaknesses of type CWE-400

2,405 results
CVE-2025-3602HIGHLiferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and EPSS 0.4%CVE-2025-29898MEDIUMQsync CentralEPSS 0.4%CVE-2020-8299Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix EPSS 0.4%CVE-2024-5052HIGHResource consumption vulnerability in Cerberus FTP EnterpriseEPSS 0.4%CVE-2025-62706MEDIUMAuthlib : JWE zip=DEF decompression bomb enables DoSEPSS 0.4%CVE-2026-28435HIGHPayload size limit bypass via gzip decompression in ContentReader (streaming) allows oversized request bodies in cpp-httplibEPSS 0.4%CVE-2025-70069HIGHAn issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() metEPSS 0.4%CVE-2024-13058MEDIUMAuthenticated, non-admin users can create storage pools via the sifi APIEPSS 0.4%CVE-2026-47707MEDIUMStrawberry GraphQL's Bypass of MaxAliasesLimiter via Fragment Spreads leading to GraphQL Alias AmplificationEPSS 0.4%CVE-2023-30311HIGHAn issue discovered in H3C Magic R365 and H3C Magic R100 routers allows attackers to hijack TCP sessions which could lead to a denial of serEPSS 0.4%CVE-2024-36743HIGHAn issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when an empty array is processed with oneflow.doEPSS 0.4%CVE-2024-37125HIGHDell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability.EPSS 0.4%CVE-2024-42651HIGHNanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attEPSS 0.4%CVE-2025-57614HIGHAn issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Integer overflow and invalid input vulnerability in the cached method allEPSS 0.4%CVE-2025-59139MEDIUMHono has Body Limit Middleware BypassEPSS 0.4%CVE-2022-43893LOWIBM Security Verify Privilege denial of serviceEPSS 0.4%CVE-2022-23951MEDIUMIn Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.EPSS 0.4%CVE-2026-49293HIGHCPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literalsEPSS 0.4%CVE-2025-61303CRITICALHatching Triage Sandbox Windows 10 build 2004 (2025-08-14) and Windows 10 LTSC 2021(2025-08-14) contains a vulnerability in its Windows behaEPSS 0.4%CVE-2026-4704HIGHDenial-of-service in the WebRTC: Signaling componentEPSS 0.4%