Weaknesses of type CWE-400
2,380 resultsCVE-2026-46522HIGHImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustionEPSS 1.3%CVE-2018-17898—Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memoryEPSS 1.3%CVE-2024-47554MEDIUMApache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReaderEPSS 1.2%CVE-2022-3411MEDIUMA lack of length validation in GitLab CE/EE affecting all versions from 12.4 before 15.6.7, 15.7 before 15.7.6, and 15.8 before 15.8.1 allowEPSS 1.2%CVE-2022-21708MEDIUMDenial of Service in graphql-goEPSS 1.2%CVE-2023-1733MEDIUMA denial of service condition exists in the Prometheus server bundled with GitLab affecting all versions from 11.10 to 15.8.5, 15.9 to 15.9.EPSS 1.2%CVE-2020-3305MEDIUMCisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service VulnerabilityEPSS 1.2%CVE-2020-3306MEDIUMCisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service VulnerabilityEPSS 1.2%CVE-2023-31418HIGHElasticsearch uncontrolled resource consumptionEPSS 1.2%CVE-2018-10864MEDIUMAn uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker mayEPSS 1.2%CVE-2021-20298—A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhauEPSS 1.2%CVE-2023-2778HIGHRockwell Automation FactoryTalk Transaction Manager Vulnerable to Denial-Of-ServiceEPSS 1.2%CVE-2023-50685HIGHAn issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port paEPSS 1.2%CVE-2023-0518MEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 before 15.6.7, all versions starting from 15.7 beforeEPSS 1.2%CVE-2022-3759MEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions starting from 14.3 before 15.6.7, all versions starting from 15.7 beforeEPSS 1.2%CVE-2017-16136—method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesEPSS 1.2%CVE-2020-14326—A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results in hash flooding, leading to slower requEPSS 1.2%CVE-2020-15114HIGHDenial of Service in etcdEPSS 1.2%CVE-2018-1107—It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to havEPSS 1.2%CVE-2020-14297MEDIUMA flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumEPSS 1.2%