CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-8057 – Improper Access Control in danswer-ai/danswer
https://notcve.org/view.php?id=CVE-2024-8057
20 Mar 2025 — This can lead to excessive resource consumption, potentially resulting in a Denial of Service (DoS) and other significant issues, impacting the system's stability and security. • https://huntr.com/bounties/b5991b98-a721-4acd-8ef2-980e15682913 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0191 – Denial of Service in gaizhenbiao/chuanhuchatgpt
https://notcve.org/view.php?id=CVE-2025-0191
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. • https://huntr.com/bounties/c89a1dfd-a733-41b3-af20-6ef6024361eb • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10624 – Regular Expression Denial of Service (ReDoS) in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2024-10624
20 Mar 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. ... An attacker can exploit this by sending a crafted HTTP request, causing the gradio process to consume 100% CPU and potentially leading to a Denial of Service (DoS) condition on the server. • https://huntr.com/bounties/e8d0b248-8feb-4c23-9ef9-be4d1e868374 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0187 – Denial of Service (DoS) by Sending Large Filename at File Upload Endpoint in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2025-0187
20 Mar 2025 — A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. • https://huntr.com/bounties/77f3ed54-9e1c-4d9f-948f-ee6f82e2fe24 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9229 – Denial of Service (DoS) via Multipart Boundary in stangirard/quivr
https://notcve.org/view.php?id=CVE-2024-9229
20 Mar 2025 — A Denial of Service (DoS) vulnerability in the file upload feature of stangirard/quivr v0.0.298 allows unauthenticated attackers to cause excessive resource consumption by appending characters to the end of a multipart boundary in an HTTP request. This leads to the server continuously processing each character, rendering the service unavailable and impacting all users. • https://huntr.com/bounties/946a412d-422f-4623-bb1d-d2646ad23dfd • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9437 – Unauthenticated Denial of Service in transformeroptimus/superagi
https://notcve.org/view.php?id=CVE-2024-9437
20 Mar 2025 — SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user interaction,... • https://huntr.com/bounties/27404e9c-eb3d-4626-a9d9-8dc1b3295ce0 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7983 – Denial of Service in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7983
20 Mar 2025 — A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. • https://huntr.com/bounties/f8156ca5-1328-480f-a72b-8d3dfdad87dc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10714 – Denial of Service in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-10714
20 Mar 2025 — A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a multipart boundary during file upload. • https://huntr.com/bounties/3e25b76c-714f-4948-8f5a-0ec9a6500068 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11173 – Unhandled Exception in danny-avila/librechat
https://notcve.org/view.php?id=CVE-2024-11173
20 Mar 2025 — An unhandled exception in the danny-avila/librechat repository, version git 600d217, can cause the server to crash, leading to a full denial of service. • https://github.com/danny-avila/librechat/commit/95a212534f1c5991bd1231a34ac3668b4b592cc3 • CWE-248: Uncaught Exception •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12391 – Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-12391
20 Mar 2025 — A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. ... Certain regular expressions can cause the Python RE engine to take exponential time to execute, leading to a Denial of Service (DoS) condition. An attacker who controls both the regular expression and the search string can exploit this vulnerability to hang the server for an arbitrary amount of time. • https://huntr.com/bounties/70b3f4f0-6b1b-4563-a18c-fe46502e6ba0 • CWE-183: Permissive List of Allowed Inputs •