CWE-399(Resource Management Errors)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are related to improper management of system resources.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-41983 | 2026-06-09 | DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-58113 | 2025-04-07 | Vulnerability of improper resource management in the memory management module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-20407 | 2024-10-23 | A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t… |
| CVE-2024-20467 | 2024-09-25 | A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on… |
| CVE-2023-29267 | 2024-06-12 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5is vulnerable to a denial of service, under specific configurations, as the server may crash when using a speciall… |
| CVE-2022-43855 | 2024-03-08 | IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. |
| CVE-2023-20262 | 2023-09-27 | A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vul… |
| CVE-2023-20243 | 2023-09-06 | A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS … |
| CVE-2023-20014 | 2023-03-01 | A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to… |
| CVE-2022-43381 | 2022-12-23 | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639. |
| CVE-2022-43380 | 2022-12-23 | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX NFS kernel extension to cause a denial of service. IBM X-Force ID: 238640. |
| CVE-2022-43382 | 2022-12-20 | IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641. |
| CVE-2022-20949 | 2022-11-15 | A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an… |
| CVE-2022-20848 | 2022-09-30 | A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to … |
| CVE-2022-20847 | 2022-09-30 | A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of serv… |
| CVE-2022-20771 | 2022-05-04 | On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in the TIFF file parser of Clam AntiVi… |
| CVE-2022-20770 | 2022-05-04 | On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (… |
| CVE-2022-20767 | 2022-05-03 | A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a… |
| CVE-2022-20715 | 2022-05-03 | A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attac… |
| CVE-2022-20758 | 2022-04-15 | A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial … |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships, Other_Notes, Taxonomy_Mappings |
| 2009-05-27 | CWE Content Team | 1.4 | — | updated Relationships |
| 2014-06-23 | CWE Content Team | 2.7 | — | updated Other_Notes |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Detection_Factors |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms, Detection_Factors, Relationships |
| 2019-01-03 | CWE Content Team | 3.2 | — | updated Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated References |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |