CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25057 – third_party_NuttX has a memory leak vulnerability
https://notcve.org/view.php?id=CVE-2025-25057
07 Apr 2025 — in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-04.md • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24304 – arkcompiler_ets_runtime has an out-of-bounds write vulnerability
https://notcve.org/view.php?id=CVE-2025-24304
07 Apr 2025 — in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-04.md • CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22842 – arkcompiler_ets_runtime has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2025-22842
07 Apr 2025 — in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-04.md • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22452 – arkcompiler_ets_runtime has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2025-22452
07 Apr 2025 — in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-04.md • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20102 – arkcompiler_ets_runtime has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2025-20102
07 Apr 2025 — in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-04.md • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-27529 – Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-27529
07 Apr 2025 — This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro. ... Additionally, the vulnerability is triggered only when an administrator performs an install of the product. The specific flaw exists within the product installer. ... An attacker can leverage this vulnerability to create a denial-of-service condition on the system. •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29478
https://notcve.org/view.php?id=CVE-2025-29478
07 Apr 2025 — An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165. • https://github.com/lmarch2/poc/blob/main/fluent-bit/fluent-bit.md • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29480
https://notcve.org/view.php?id=CVE-2025-29480
07 Apr 2025 — Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. • https://github.com/lmarch2/poc/blob/main/gdal/gdal.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2259 – Eclipse ThreadX NetX Duo component HTTP server single PUT request integer underflow
https://notcve.org/view.php?id=CVE-2025-2259
06 Apr 2025 — In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the other packet. ... This issue follows an incomplete fix of CVE-2025-0727 • https://github.com/eclipse-threadx/netxduo/commit/fb3195bbb6d0d6fe71a7a19585c008623c217f9e • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2260 – Eclipse ThreadX NetX Duo HTTP component server denial of service
https://notcve.org/view.php?id=CVE-2025-2260
06 Apr 2025 — In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause a denial of service by specially crafted packets. The core issue is missing closing of a file in case of an error condition, resulting in the 404 error for each further file request. ... This issue follows an incomplete fix of CVE-2025-0726. • https://github.com/eclipse-threadx/netxduo/commit/fb3195bbb6d0d6fe71a7a19585c008623c217f9e • CWE-459: Incomplete Cleanup •