CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21591 – Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash
https://notcve.org/view.php?id=CVE-2025-21591
09 Apr 2025 — A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service (DoS) condition. Continuous receipt of these DHCP packets using the malformed DHCP Option will create a sustained Denial of Service (DoS) condition. • https://supportportal.juniper.net/JSA96448 • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3475 – WEB-T - Moderately critical - Access bypass, Denial of service - SA-CONTRIB-2025-030
https://notcve.org/view.php?id=CVE-2025-3475
09 Apr 2025 — Allocation of Resources Without Limits or Throttling, Incorrect Authorization vulnerability in Drupal WEB-T allows Excessive Allocation, Content Spoofing.This issue affects WEB-T: from 0.0.0 before 1.1.0. • https://www.drupal.org/sa-contrib-2025-030 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-32380 – Apollo Router Query Validation Vulnerable to Excessive Resource Consumption via Named Fragment Processing
https://notcve.org/view.php?id=CVE-2025-32380
09 Apr 2025 — This could lead to excessive resource consumption and denial of service. • https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32381 – Denial of Service by abusing xgrammar unbounded cache in memory
https://notcve.org/view.php?id=CVE-2025-32381
09 Apr 2025 — Since the cache is unbounded, a system making use of xgrammar can be abused to fill up a host's memory and case a denial of service. For example, sending many small requests to an LLM inference server with unique JSON schemas would eventually cause this denial of service to occur. • https://github.com/mlc-ai/xgrammar/pull/243 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32374 – Possible Denial of Service (DoS) in DNN.PLATFORM registration
https://notcve.org/view.php?id=CVE-2025-32374
09 Apr 2025 — Possible denial of service with specially crafted information in the public registration form. • https://github.com/dnnsoftware/Dnn.Platform/security/advisories/GHSA-vc6j-mcqj-rgfp • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-30642 – Trend Micro Deep Security Agent Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-30642
09 Apr 2025 — This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Deep Security Agent. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32464 – Ubuntu Security Notice USN-7431-1
https://notcve.org/view.php?id=CVE-2025-32464
09 Apr 2025 — A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://github.com/haproxy/haproxy/commit/3e3b9eebf871510aee36c3a3336faac2f38c9559 • CWE-1025: Comparison Using Wrong Factors •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-32460 – Debian Security Advisory 5905-1
https://notcve.org/view.php?id=CVE-2025-32460
09 Apr 2025 — Two vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which may result in denial of service or the execution of arbitrary code if malformed image files are processed. • https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/8e56520435df50f618a03f2721a39a70a515f1cb • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27189 – Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352)
https://notcve.org/view.php?id=CVE-2025-27189
08 Apr 2025 — Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could be exploited to cause a denial-of-service condition. • https://helpx.adobe.com/security/products/magento/apsb25-26.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30300 – Adobe Framemaker | NULL Pointer Dereference (CWE-476)
https://notcve.org/view.php?id=CVE-2025-30300
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-476: NULL Pointer Dereference •