
CVE-2025-24260 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24260
31 Mar 2025 — An attacker in a privileged position may be able to perform a denial-of-service. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-400: Uncontrolled Resource Consumption •

CVE-2025-29908 – Netty QUIC hash collision DoS attack
https://notcve.org/view.php?id=CVE-2025-29908
31 Mar 2025 — Netty QUIC codec is a QUIC codec for netty which makes use of quiche. ... A hash collision vulnerability (in the hash map used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). • https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory • CWE-407: Inefficient Algorithmic Complexity •

CVE-2025-2794 – Kentico Xperience Staging Unsafe Reflection Kentico Xperience
https://notcve.org/view.php?id=CVE-2025-2794
31 Mar 2025 — An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading to a Denial-of-Service condition. • https://devnet.kentico.com/download/hotfixes • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •

CVE-2023-0881 – DDoS in Ubuntu package linux-bluefield
https://notcve.org/view.php?id=CVE-2023-0881
31 Mar 2025 — Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nft_lookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package. • https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2006397 • CWE-20: Improper Input Validation •

CVE-2025-2402 – Hard-coded password for object store of KNIME Business Hub
https://notcve.org/view.php?id=CVE-2025-2402
31 Mar 2025 — A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all versions except the ones listed below allows an unauthenticated remote attacker in possession of the password to read and manipulate swapped jobs or read and manipulate in- and output data of active jobs. It is also possible to cause a denial-of-service of most functionality of KNIME Business Hub by writing large amounts of data to the object store direct... • https://www.knime.com/security/advisories#CVE-2025-2402 • CWE-259: Use of Hard-coded Password •

CVE-2025-2958 – TRENDnet TEW-818DRU HTTP Request httpd denial of service
https://notcve.org/view.php?id=CVE-2025-2958
30 Mar 2025 — Affected by this vulnerability is an unknown functionality of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to denial of service. ... A denial-of-service vulnerability can be exploited by manipulation with unknown data. • https://vuldb.com/?id.302011 • CWE-404: Improper Resource Shutdown or Release •

CVE-2025-2953 – PyTorch torch.mkldnn_max_pool2d denial of service
https://notcve.org/view.php?id=CVE-2025-2953
30 Mar 2025 — The manipulation leads to denial of service. ... A denial-of-service vulnerability can be exploited through manipulation with unknown data. • https://github.com/pytorch/pytorch/issues/149274 • CWE-404: Improper Resource Shutdown or Release •

CVE-2025-30211 – KEX init error results with excessive memory usage
https://notcve.org/view.php?id=CVE-2025-30211
28 Mar 2025 — Erlang/OTP is a set of libraries for the Erlang programming language. ... A big KEX init packet may lead to inefficient processing of the error data. As a result, a large amount of memory will be allocated for processing malicious data. ... It was discovered that Erlang OTP's SSH module did not limit the size of certain data in initialization messages. An attacker could possibly use this issue to consume a large amount of memory leading to a denial of service

CVE-2025-27932
https://notcve.org/view.php?id=CVE-2025-27932
28 Mar 2025 — Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an attacker may delete a file on the device or cause a denial of service (DoS) condition. • https://jvn.jp/en/jp/JVN04278547 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-38985
https://notcve.org/view.php?id=CVE-2024-38985
28 Mar 2025 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/32c0a48023036e51918f6a098f21953d • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •