Fallos del tipo CWE-770
1308 resultadosCVE-2023-50387HIGHCertain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of serEPSS 100.0%CVE-2019-11478MEDIUMSACK can cause extensive memory use via fragmented resend queueEPSS 94.7%CVE-2024-27316HIGHApache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation framesEPSS 91.3%CVE-2024-28182MEDIUMReading unbounded number of HTTP/2 CONTINUATION frames to cause excessive CPU usageEPSS 85.0%CVE-2023-0921MEDIUMAllocation of Resources Without Limits or Throttling in GitLabEPSS 84.4%CVE-2023-2650MEDIUMPossible DoS translating ASN.1 object identifiersEPSS 77.9%CVE-2008-5180MEDIUMMicrosoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumpEPSS 68.0%CVE-2025-48976HIGHApache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headersEPSS 63.3%CVE-2023-38039HIGHWhen curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed later via the libcurl headers API.
HoweveEPSS 62.2%CVE-2025-48988HIGHApache Tomcat: FileUpload large number of parts with headers DoSEPSS 53.2%CVE-2023-23969HIGHIn Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoEPSS 47.1%CVE-2023-24998—Apache Commons FileUpload, Apache Tomcat: FileUpload DoS with excessive partsEPSS 46.8%CVE-2025-26466MEDIUMOpenssh: denial-of-service in opensshEPSS 38.5%CVE-2022-22950—n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expEPSS 36.7%CVE-2024-2454MEDIUMAllocation of Resources Without Limits or Throttling in GitLabEPSS 33.3%CVE-2022-32206MEDIUMcurl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentiallyEPSS 32.0%CVE-2022-32205MEDIUMA malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sEPSS 26.9%CVE-2023-31472HIGHAn issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in which an empty file can be created anywhere on EPSS 19.9%CVE-2024-2878HIGHAllocation of Resources Without Limits or Throttling in GitLabEPSS 17.6%CVE-2021-32675HIGHDoS vulnerability in RedisEPSS 15.8%