NotCVE - "denial of Service"

50658 results (0.249 seconds)

CVSS: 7.5EPSS: %CPEs: -EXPL: 0

CVE-2025-20678

https://notcve.org/view.php?id=CVE-2025-20678

02 Jun 2025 — In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-674: Uncontrolled Recursion •

CVSS: 5.5EPSS: %CPEs: 1EXPL: 0

CVE-2025-20677

https://notcve.org/view.php?id=CVE-2025-20677

02 Jun 2025 — This could lead to local denial of service with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: %CPEs: 1EXPL: 0

CVE-2025-20676

https://notcve.org/view.php?id=CVE-2025-20676

CVSS: 5.5EPSS: %CPEs: 1EXPL: 0

CVE-2025-20675

https://notcve.org/view.php?id=CVE-2025-20675

CVSS: 5.5EPSS: %CPEs: 1EXPL: 0

CVE-2025-20673

https://notcve.org/view.php?id=CVE-2025-20673

CVSS: 5.3EPSS: %CPEs: -EXPL: 1

CVE-2025-5404 – chaitak-gorai Blogbook GET Parameter search.php denial of service

https://notcve.org/view.php?id=CVE-2025-5404

01 Jun 2025 — This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. ... Mittels dem Manipulieren des Arguments Search mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/rllvusgnzm98/Report/blob/main/blogbook/BlogBook%20search.php%20search%20Parameter%20SQL%20Injection.md • CWE-404: Improper Resource Shutdown or Release •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-48944 – vLLM Tool Schema allows DoS via Malformed pattern and type Fields

https://notcve.org/view.php?id=CVE-2025-48944

30 May 2025 — These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. • https://github.com/vllm-project/vllm/pull/17623 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-48943 – vLLM allows clients to crash the openai server with invalid regex

https://notcve.org/view.php?id=CVE-2025-48943

30 May 2025 — Version 0.8.0 up to but excluding 0.9.0 have a Denial of Service (ReDoS) that causes the vLLM server to crash if an invalid regex was provided while using structured output. This vulnerability is similar to GHSA-6qc9-v4r8-22xg/CVE-2025-48942, but for regex instead of a JSON schema. • https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff • CWE-248: Uncaught Exception •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-48942 – vLLM DOS: Remotely kill vllm over http with invalid JSON schema

https://notcve.org/view.php?id=CVE-2025-48942

30 May 2025 — This vulnerability is similar GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex instead of a JSON schema. • https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff • CWE-248: Uncaught Exception •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-48887 – vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`

https://notcve.org/view.php?id=CVE-2025-48887

30 May 2025 — vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file `vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py` of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an attacker to cause severe performance degradation or make the service unavailable. • https://github.com/vllm-project/vllm/commit/4fc1bf813ad80172c1db31264beaef7d93fe0601 • CWE-1333: Inefficient Regular Expression Complexity •

1 2 3 4 5