CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8061 – Denial of Service in aimhubio/aim
https://notcve.org/view.php?id=CVE-2024-8061
20 Mar 2025 — This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. • https://huntr.com/bounties/c85d005c-b354-4c51-a88f-adda2f09622b • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11172 – Denial of Service in danny-avila/librechat
https://notcve.org/view.php?id=CVE-2024-11172
20 Mar 2025 — A vulnerability in danny-avila/librechat version git a1647d7 allows an unauthenticated attacker to cause a denial of service by sending a crafted payload to the server. • https://github.com/danny-avila/librechat/commit/976784c01fa4cce00d4c2941801d56aed375c21b • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12388 – Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-12388
20 Mar 2025 — A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. • https://huntr.com/bounties/b1c01c94-e477-41db-9d17-601aa25e351c • CWE-115: Misinterpretation of Input •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0317 – Divide By Zero in ollama/ollama
https://notcve.org/view.php?id=CVE-2025-0317
20 Mar 2025 — This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack. • https://huntr.com/bounties/a9951bca-9bd8-49b2-b143-4cd4219f9fa0 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0182 – Denial of Service in danswer-ai/danswer
https://notcve.org/view.php?id=CVE-2025-0182
20 Mar 2025 — A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. ... The vulnerability can be exploited by sending multiple requests to the /auth/saml/callback endpoint, leading to uncontrolled memory consumption and eventual denial of service. • https://huntr.com/bounties/969b8056-b66c-4d70-8f77-04c1cbdc1d1a • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7036 – Denial of Service in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7036
20 Mar 2025 — A vulnerability in open-webui/open-webui v0.3.8 allows an unauthenticated attacker to sign up with excessively large text in the 'name' field, causing the Admin panel to become unresponsive. This prevents administrators from performing essential user management actions such as deleting, editing, or adding users. The vulnerability can also be exploited by authenticated users with low privileges, leading to the same unresponsive state in the Admin panel. • https://huntr.com/bounties/ba62d093-ab27-48fa-9c53-0602c8cdc48a • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-6827 – HTTP Request Smuggling in benoitc/gunicorn
https://notcve.org/view.php?id=CVE-2024-6827
20 Mar 2025 — This vulnerability can lead to cache poisoning, data exposure, session manipulation, SSRF, XSS, DoS, data integrity compromise, security bypass, information leakage, and business logic abuse. • https://huntr.com/bounties/1b4f8f38-39da-44b6-9f98-f618639d0dd7 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-7033 – Arbitrary File Write in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7033
20 Mar 2025 — This can result in overwriting critical system or application files, causing denial of service, or potentially achieving remote code execution (RCE). • https://huntr.com/bounties/7078261f-8414-4bb7-9d72-a2a4d8bfd5d1 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8028 – Denial of Service in danswer-ai/danswer
https://notcve.org/view.php?id=CVE-2024-8028
20 Mar 2025 — A vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed multipart boundary. • https://huntr.com/bounties/55530ecb-0ac2-4dc1-9527-bf24de594a57 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10935 – Unauthenticated DoS via Multipart Boundary in automatic1111/stable-diffusion-webui
https://notcve.org/view.php?id=CVE-2024-10935
20 Mar 2025 — This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary, leading to excessive resource consumption and a complete denial of service (DoS) for all users. • https://huntr.com/bounties/e6fdc6ed-f38d-4798-b60a-0e47893a81a6 • CWE-400: Uncontrolled Resource Consumption •