CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7768 – Denial of Service in h2oai/h2o-3
https://notcve.org/view.php?id=CVE-2024-7768
20 Mar 2025 — A vulnerability in the `/3/ImportFiles` endpoint of h2oai/h2o-3 version 3.46.1 allows an attacker to cause a denial of service. • https://huntr.com/bounties/3fe640df-bef4-4072-8890-0d12bc2818f6 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10188 – Denial of Service in BerriAI/litellm
https://notcve.org/view.php?id=CVE-2024-10188
20 Mar 2025 — A vulnerability in BerriAI/litellm, as of commit 26c03c9, allows unauthenticated users to cause a Denial of Service (DoS) by exploiting the use of ast.literal_eval to parse user input. This function is not safe and is prone to DoS attacks, which can crash the litellm Python server. • https://github.com/berriai/litellm/commit/21156ff5d0d84a7dd93f951ca033275c77e4f73c • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12864 – Unauthenticated DoS by Sending Large Filename at File Upload Endpoint in netease-youdao/qanything
https://notcve.org/view.php?id=CVE-2024-12864
20 Mar 2025 — A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything version v2.0.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. ... This attack does not require authentication, making it highly scalable and increasing the risk of exploitation. • https://huntr.com/bounties/365c3b9a-180c-4bb5-98d8-dbd78d93fcb7 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-8057 – Improper Access Control in danswer-ai/danswer
https://notcve.org/view.php?id=CVE-2024-8057
20 Mar 2025 — In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create credentials and link them to an existing connector. ... This can lead to excessive resource consumption, potentially resulting in a Denial of Service (DoS) and other significant issues, impacting the system's stability and security. • https://huntr.com/bounties/b5991b98-a721-4acd-8ef2-980e15682913 • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0191 – Denial of Service in gaizhenbiao/chuanhuchatgpt
https://notcve.org/view.php?id=CVE-2025-0191
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. • https://huntr.com/bounties/c89a1dfd-a733-41b3-af20-6ef6024361eb • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10624 – Regular Expression Denial of Service (ReDoS) in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2024-10624
20 Mar 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. ... The vulnerability arises from the use of a regular expression `^(?... An attacker can exploit this by sending a crafted HTTP request, causing the gradio process to consume 100% CPU and potentially leading to a Denial of Service (DoS) condition on the server. • https://huntr.com/bounties/e8d0b248-8feb-4c23-9ef9-be4d1e868374 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-0187 – Denial of Service (DoS) by Sending Large Filename at File Upload Endpoint in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2025-0187
20 Mar 2025 — A Denial of Service (DoS) vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. • https://huntr.com/bounties/77f3ed54-9e1c-4d9f-948f-ee6f82e2fe24 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9229 – Denial of Service (DoS) via Multipart Boundary in stangirard/quivr
https://notcve.org/view.php?id=CVE-2024-9229
20 Mar 2025 — A Denial of Service (DoS) vulnerability in the file upload feature of stangirard/quivr v0.0.298 allows unauthenticated attackers to cause excessive resource consumption by appending characters to the end of a multipart boundary in an HTTP request. This leads to the server continuously processing each character, rendering the service unavailable and impacting all users. • https://huntr.com/bounties/946a412d-422f-4623-bb1d-d2646ad23dfd • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9437 – Unauthenticated Denial of Service in transformeroptimus/superagi
https://notcve.org/view.php?id=CVE-2024-9437
20 Mar 2025 — SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user inter... • https://huntr.com/bounties/27404e9c-eb3d-4626-a9d9-8dc1b3295ce0 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7983 – Denial of Service in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7983
20 Mar 2025 — In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. • https://huntr.com/bounties/f8156ca5-1328-480f-a72b-8d3dfdad87dc • CWE-400: Uncontrolled Resource Consumption •