Skip to main content

CWE-410

Insufficient Resource Pool

8 CVEs Avg CVSS 6.2 MITRE
0
CRITICAL
3
HIGH
4
MEDIUM
1
LOW
1
POC
0
KEV

Monthly

CVE-2026-34019 MEDIUM PATCH This Month

Denial of service in F5 BIG-IP affects the Traffic Management Microkernel (TMM) when Bidirectional Forwarding Detection (BFD) is configured with static or dynamic routing protocols. Undisclosed traffic patterns cause TMM to stop processing BFD packets, triggering unintended failover of the configured routing protocol. Remote unauthenticated attackers can trigger this condition over the network with low complexity, resulting in availability loss for BFD-dependent routing operations.

Information Disclosure Big Ip
NVD VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-2134 LOW Monitor

Jazz Reporting Service versions up to 7.0.3 contains a vulnerability that allows attackers to an authenticated user on the network to affect the system's performance using co (CVSS 3.5).

IBM
NVD
CVSS 3.1
3.5
EPSS
0.0%
CVE-2025-12986 MEDIUM This Month

When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset.

Information Disclosure
NVD
CVSS 4.0
6.0
EPSS
0.0%
CVE-2025-41653 HIGH This Month

An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-20103 MEDIUM PATCH This Month

Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Red Hat Intel Suse
NVD
CVSS 4.0
5.7
EPSS
0.1%
CVE-2025-27479 HIGH Act Now

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 39.5% and no vendor patch available.

Windows Authentication Bypass Microsoft Windows Server 2012 Windows Server 2016 +4
NVD
CVSS 3.1
7.5
EPSS
39.5%
CVE-2025-27694 MEDIUM This Month

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Wyse Management Suite
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-0453 PyPI HIGH POC This Week

In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service AI / ML Mlflow
NVD
CVSS 3.1
7.5
EPSS
0.1%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Denial of service in F5 BIG-IP affects the Traffic Management Microkernel (TMM) when Bidirectional Forwarding Detection (BFD) is configured with static or dynamic routing protocols. Undisclosed traffic patterns cause TMM to stop processing BFD packets, triggering unintended failover of the configured routing protocol. Remote unauthenticated attackers can trigger this condition over the network with low complexity, resulting in availability loss for BFD-dependent routing operations.

Information Disclosure Big Ip
NVD VulDB
EPSS 0% CVSS 3.5
LOW Monitor

Jazz Reporting Service versions up to 7.0.3 contains a vulnerability that allows attackers to an authenticated user on the network to affect the system's performance using co (CVSS 3.5).

IBM
NVD
EPSS 0% CVSS 6.0
MEDIUM This Month

When a WF200/WGM160P device is configured to operate as an Access Point, it may be vulnerable to a denial of service triggered by a malformed packet. The device may recover automatically or require a hard reset.

Information Disclosure
NVD
EPSS 0% CVSS 7.5
HIGH This Month

An unauthenticated remote attacker can exploit a denial-of-service vulnerability in the device's web server functionality by sending a specially crafted HTTP request with a malicious header,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Insufficient resource pool in the core management mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Red Hat Intel +1
NVD
EPSS 39% CVSS 7.5
HIGH Act Now

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 39.5% and no vendor patch available.

Windows Authentication Bypass Microsoft +6
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Insufficient Resource Pool vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Dell Wyse Management Suite
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service AI / ML Mlflow
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy