CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-8801 – Open5GS AMF gmm-sm.c gmm_state_exception denial of service
https://notcve.org/view.php?id=CVE-2025-8801
10 Aug 2025 — The manipulation leads to denial of service. ... The manipulation leads to denial of service. ... Durch Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/open5gs/open5gs/commit/f47f2bd4f7274295c5fbb19e2f806753d183d09a • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-8800 – Open5GS AMF esm-handler.c esm_handle_pdn_connectivity_request denial of service
https://notcve.org/view.php?id=CVE-2025-8800
10 Aug 2025 — The manipulation leads to denial of service. ... The manipulation leads to denial of service. ... Durch das Beeinflussen mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/open5gs/open5gs/commit/701505102f514cbde2856cd2ebc9bedb7efc820d • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-8799 – Open5GS AMF npcf-build.c amf_nsmf_pdusession_build_create_sm_context denial of service
https://notcve.org/view.php?id=CVE-2025-8799
10 Aug 2025 — The manipulation leads to denial of service. ... The manipulation leads to denial of service. ... Durch Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/open5gs/open5gs/commit/cf63dd63197bf61a4b041aa364ba6a6199ab15e4 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-8732 – libxml2 xmlcatalog xmlParseSGMLCatalog recursion
https://notcve.org/view.php?id=CVE-2025-8732
08 Aug 2025 — An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. ... An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. • https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link • CWE-404: Improper Resource Shutdown or Release CWE-674: Uncontrolled Recursion •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-50952 – openSUSE Security Advisory - openSUSE-SU-2025:15430-1
https://notcve.org/view.php?id=CVE-2025-50952
07 Aug 2025 — An attacker could possibly use this issue to cause OpenJPEG to crash, resulting in a denial of service. ... An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/uclouvain/openjpeg/issues/1505 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-48709 – BMC Control-M/Server cleartext database credentials in process lists and logs
https://notcve.org/view.php?id=CVE-2025-48709
07 Aug 2025 — Cuando el servidor Control-M tiene una conexión a la base de datos, ejecuta DBUStatus.exe con frecuencia, lo que a su vez llama a dbu_connection_details.vbs con el nombre de usuario, la contraseña, el nombre de host de la base de datos y el puerto escritos en texto sin cifrar, lo cual se puede ver en los registros de eventos y procesos en dos ubicaciones distintas. • https://bmc.com • CWE-214: Invocation of Process Using Visible Sensitive Information CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32094
https://notcve.org/view.php?id=CVE-2025-32094
07 Aug 2025 — En determinadas circunstancias, un cliente que realiza una solicitud HTTP/1.x OPTIONS con un encabezado "Expect: 100-continue" y utiliza un plegado de línea obsoleto, puede generar una discrepancia en la interpretación de la solicitud por parte de dos servidores Akamai en la ruta, lo que permite a un atacante introducir una segunda solicitud en el cuerpo original. • https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/100 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-54785 – SuiteCRM is Vulnerable to PHP Object Injection in Reports
https://notcve.org/view.php?id=CVE-2025-54785
06 Aug 2025 — In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive data exposure, Denial of Service, cryptomining and ransomware. • https://docs.suitecrm.com/admin/releases/7.14.x/#_7_14_7 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-47908 – Denial of service via malicious preflight requests in github.com/rs/cors
https://notcve.org/view.php?id=CVE-2025-47908
06 Aug 2025 — This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service. • https://github.com/rs/cors/issues/170 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23335
https://notcve.org/view.php?id=CVE-2025-23335
06 Aug 2025 — A successful exploit of this vulnerability might lead to denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23335 • CWE-191: Integer Underflow (Wrap or Wraparound) •