CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2025-54777
https://notcve.org/view.php?id=CVE-2025-54777
29 Aug 2025 — If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature. • https://www.konicaminolta.jp/business/support/important/250829_01_01.html • CWE-248: Uncaught Exception •
CVSS: 7.8EPSS: %CPEs: 2EXPL: 0CVE-2025-6203 – Vault unauthenticated denial of service through complex json payload
https://notcve.org/view.php?id=CVE-2025-6203
28 Aug 2025 — A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. • https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.4EPSS: %CPEs: -EXPL: 0CVE-2025-9195
https://notcve.org/view.php?id=CVE-2025-9195
28 Aug 2025 — Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service • https://www.solidigm.com/support-page/support-security.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: %CPEs: 4EXPL: 0CVE-2025-58047 – Volto affected by possible DoS by invoking specific URL by anonymous user
https://notcve.org/view.php?id=CVE-2025-58047
28 Aug 2025 — In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. • https://github.com/plone/volto/security/advisories/GHSA-xjhf-7833-3pm5 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-34523 – Arcserve UDP < 10.2 Pre-Authentication Heap Overflow
https://notcve.org/view.php?id=CVE-2025-34523
27 Aug 2025 — A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). ... By sending specially crafted data, a remote attacker can corrupt heap memory, potentially causing a denial of service or enabling arbitrary code execution depending on the memory layout and exploitation techniques used. ... No user interaction is required, and exploitation occurs in the context of the vulnerable proces... • https://support.arcserve.com/s/article/Important-Security-Bulletin-Must-read-for-all-Arcserve-UDP-customers-on-all-versions • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-3601 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-3601
27 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service (DoS) condition by submitting URLs that generate excessively large responses. • https://gitlab.com/gitlab-org/gitlab/-/issues/536034 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2025-4225 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-4225
27 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially crafted GraphQL requests. • https://gitlab.com/gitlab-org/gitlab/-/issues/538983 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.4EPSS: 0%CPEs: 64EXPL: 0CVE-2025-20241 – Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TBD> Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20241
27 Aug 2025 — A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. ... A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx •
CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0CVE-2025-20262 – Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20262
27 Aug 2025 — A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerab... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-0081
https://notcve.org/view.php?id=CVE-2025-0081
26 Aug 2025 — In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. • https://android.googlesource.com/platform/external/dng_sdk/+/7fc02c8d5af37c97b325dc2956f4a6117c145c2f • CWE-457: Use of Uninitialized Variable •