Weaknesses of type CWE-400

2,397 results
CVE-2026-56018HIGHJavaScript::Minifier::XS versions before 0.16 for Perl leak memory on every call to minify(), allowing unbounded memory growthEPSS 0.6%CVE-2026-20652HIGHThe issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOSEPSS 0.6%CVE-2023-32341MEDIUMIBM Sterling B2B Integrator denial of serviceEPSS 0.6%CVE-2024-22332MEDIUMIBM Integration Bus for z/OS denial of serviceEPSS 0.6%CVE-2024-11498MEDIUMResource exhaustion via Stack overflow in libjxlEPSS 0.6%CVE-2023-40586HIGHgo package github.com/corazawaf/coraza is vulnerable to denial of serviceEPSS 0.6%CVE-2023-23524HIGHA denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, waEPSS 0.6%CVE-2023-3782MEDIUMDoS of the OkHttp client when using a BrotliInterceptor and surfing to a malicious web server, or when an attacker can perform MitM to inject a Brotli zip-bomb into an HTTP responseEPSS 0.6%CVE-2025-46728HIGHcpp-httplib has Unbounded Memory Allocation in Chunked/No-Length RequestsEPSS 0.6%CVE-2024-27354HIGHAn issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certEPSS 0.6%CVE-2022-31079MEDIUMKubeEdge Cloud Stream and Edge Stream DoS from large stream messageEPSS 0.6%CVE-2022-31078MEDIUMKubeEdge CloudCore Router memory exhaustionEPSS 0.6%CVE-2023-2785MEDIUMSpecially crafted search query can cause large log entries in postgresEPSS 0.6%CVE-2024-37299MEDIUMDiscourse vulnerable to DoS via Tag GroupEPSS 0.6%CVE-2024-23824MEDIUMmailcow ipixel flood attack leads to Denial of Service in admin pageEPSS 0.6%CVE-2024-21523HIGHAll versions of the package images are vulnerable to Denial of Service (DoS) due to providing unexpected input types to several different fuEPSS 0.6%CVE-2020-15101LOWNested directory structure can lead to Uncontrolled Resource Consumption in freewvsEPSS 0.6%CVE-2024-21521HIGHAll versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toStrEPSS 0.6%CVE-2020-15853MEDIUMsupybot-fedora implements the command 'refresh', that refreshes the cache of all users from FAS. This takes quite a while to run, and zodbotEPSS 0.6%CVE-2022-46315HIGHThe ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. EPSS 0.6%