CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8063 – Divide by Zero in ollama/ollama
https://notcve.org/view.php?id=CVE-2024-8063
20 Mar 2025 — This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash. • https://huntr.com/bounties/fd8e1ed6-21d2-4c9e-8395-2098f11b7db9 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 1CVE-2024-11040 – Denial of Service in vllm-project/vllm
https://notcve.org/view.php?id=CVE-2024-11040
20 Mar 2025 — vllm-project vllm version 0.5.2.2 is vulnerable to Denial of Service attacks. • https://github.com/gothburz/CVE-2024-11040 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0189 – Denial of Service in aimhubio/aim
https://notcve.org/view.php?id=CVE-2025-0189
20 Mar 2025 — In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. ... This causes the server to become unresponsive to other requests while processing the large image, leading to a denial of service condition. • https://huntr.com/bounties/e4c9bf41-72cf-4d04-baaf-8f12b5b7926e • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0312 – NULL Pointer Dereference in ollama/ollama
https://notcve.org/view.php?id=CVE-2025-0312
20 Mar 2025 — A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network. • https://huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10051 – Unauthenticated Denial of Service in shaunwei/realchar
https://notcve.org/view.php?id=CVE-2024-10051
20 Mar 2025 — Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service (DoS) attack. The vulnerability exists in the file upload request handling, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user i... • https://huntr.com/bounties/6db72368-e7bc-43ee-a4ae-6092f710c263 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12534 – Denial of Service (DoS) in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-12534
20 Mar 2025 — In version v0.3.32 of open-webui/open-webui, the application allows users to submit large payloads in the email and password fields during the sign-in process due to the lack of character length validation on these inputs. This vulnerability can lead to a Denial of Service (DoS) condition when a user submits excessively large strings, exhausting server resources such as CPU, memory, and disk space, and rendering the service unavailable for legit... • https://huntr.com/bounties/c7c0a4e6-acd3-49b4-8684-2c2c27014b76 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-1451 – Insufficient Patch Leading to DoS in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2025-1451
20 Mar 2025 — A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart boundaries in file uploads. The server does not limit or validate the length of the boundary or the characters appended to it, allowing an attacker to craft requests with excessively long boundaries, leading to resource exhaustion and eventual denial of service (DoS). Despite an attempted patch in commit 483431bb, which blocked hyphen characters from being appen... • https://huntr.com/bounties/63f5aea4-953b-4b38-9f10-3afe425be1d4 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7768 – Denial of Service in h2oai/h2o-3
https://notcve.org/view.php?id=CVE-2024-7768
20 Mar 2025 — A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. • https://huntr.com/bounties/3fe640df-bef4-4072-8890-0d12bc2818f6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10188 – Denial of Service in BerriAI/litellm
https://notcve.org/view.php?id=CVE-2024-10188
20 Mar 2025 — A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server. • https://github.com/berriai/litellm/commit/21156ff5d0d84a7dd93f951ca033275c77e4f73c • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12864 – Unauthenticated DoS by Sending Large Filename at File Upload Endpoint in netease-youdao/qanything
https://notcve.org/view.php?id=CVE-2024-12864
20 Mar 2025 — A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything version v2.0.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. ... This attack does not require authentication, making it highly scalable and increasing the risk of exploitation. • https://huntr.com/bounties/365c3b9a-180c-4bb5-98d8-dbd78d93fcb7 • CWE-400: Uncontrolled Resource Consumption •