Weaknesses of type CWE-770
1,317 results

CVE-2024-12705 | HIGH | DNS-over-HTTPS implementation suffers from multiple issues under heavy query load | EPSS 15.7%
CVE-2025-32873 | MEDIUM | An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is | EPSS 14.0%
CVE-2026-21710 | HIGH | A flaw in Node.js HTTP request handling causes an uncaught `TypeError` when a request is received with a header named `__proto__` and the ap | EPSS 13.1%
CVE-2024-6037 | HIGH | Arbitrary Folder Creation in gaizhenbiao/chuanhuchatgpt | EPSS 10.6%
CVE-2021-33910 | MEDIUM | basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdup | EPSS 8.6%
CVE-2022-29404 | — | Denial of service in mod_lua r:parsebody | EPSS 5.7%
CVE-2023-34396 | MEDIUM | Apache Struts: DoS via OOM owing to no sanity limit on normal form fields in multipart forms | EPSS 5.5%
CVE-2023-34149 | MEDIUM | Apache Struts: DoS via OOM owing to not properly checking of list bounds | EPSS 5.4%
CVE-2020-8203 | — | Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. | EPSS 5.2%
CVE-2024-0760 | HIGH | A flood of DNS messages over TCP may make the server unstable | EPSS 4.7%
CVE-2020-25648 | — | A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS | EPSS 3.9%
CVE-2024-30156 | HIGH | Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 LTS), and Varnish Enterprise 6 before 6.0.12r6, allows credits exhausti | EPSS 3.7%
CVE-2022-21294 | MEDIUM | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions | EPSS 3.4%
CVE-2021-43045 | — | Possible DOS vulnerabilities in C# Avro SDK | EPSS 3.0%
CVE-2018-16865 | HIGH | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journa | EPSS 3.0%
CVE-2022-22971 | — | In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vu | EPSS 2.9%
CVE-2017-15124 | — | VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as i | EPSS 2.8%
CVE-2019-15165 | MEDIUM | sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. | EPSS 2.8%
CVE-2021-1285 | HIGH | Multiple Cisco Products SNORT Ethernet Frame Decoder Denial of Service Vulnerability | EPSS 2.8%
CVE-2022-23913 | — | Apache ActiveMQ Artemis DoS | EPSS 2.7%