CVEs classified under CWE-606, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2026-27689 — CVSS 7.7 (high): Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and…
CVE-2026-1519 — CVSS 7.5 (high): If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU…
CVE-2025-43801 — CVSS 7.5 (high): Unchecked input for loop condition vulnerability in XML-RPC in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and…
CVE-2024-34486 — CVSS 7.5 (high): OFPPacketQueue in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPQueueProp.len=0.
CVE-2024-13931 — CVSS 7.2 (high): Relative Path Traversal vulnerabilities in ASPECT allow access to file resources if session administrator credentials become compromised…
CVE-2026-27145 — CVSS 6.5 (medium): (*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This…
CVE-2025-42930 — CVSS 6.5 (medium): SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters…
CVE-2019-25624 — CVSS 6.2 (medium): Liquid Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed…
CVE-2023-6237 — CVSS 5.9 (medium): Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function…
CVE-2026-5950 — CVSS 5.3 (medium): An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote…
CVE-2024-4603 — CVSS 5.3 (medium): Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions…
CVE-2026-0243: A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network…
CVE-2024-13930 — CVSS 4.9 (medium): An Unchecked Loop Condition in ASPECT provides an attacker the ability to maliciously consume system resources if session administrator…
CVE-2026-41986 — CVSS 2.4 (low): Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.