CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-32032 – Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
https://notcve.org/view.php?id=CVE-2025-32032
07 Apr 2025 — This could lead to excessive resource consumption and denial of service. • https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32031 – Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass
https://notcve.org/view.php?id=CVE-2025-32031
07 Apr 2025 — This could lead to excessive resource consumption and denial of service. • https://github.com/apollographql/federation/pull/3236 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32030 – Apollo Gateway Query Planner Vulnerable to Excessive Resource Consumption via Named Fragment Expansion
https://notcve.org/view.php?id=CVE-2025-32030
07 Apr 2025 — This could lead to excessive resource consumption and denial of service. • https://github.com/apollographql/federation/pull/3236 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31496 – apollo-compiler Named Fragment Processing Vulnerability
https://notcve.org/view.php?id=CVE-2025-31496
07 Apr 2025 — This could lead to excessive resource consumption and denial of service in applications. • https://github.com/apollographql/apollo-rs/pull/952 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32029 – ts-asn1-der has Incorrect DER Encoding of Numbers Leading to Denial of Service and Incorrect Value Representation
https://notcve.org/view.php?id=CVE-2025-32029
07 Apr 2025 — ts-asn1-der is a collection of utility classes to encode ASN.1 data following DER rule. Incorrect number DER encoding can lead to denial on service for absolute values in the range 2**31 -- 2**32 - 1. The arithmetic in the numBitLen didn't take into account that values in this range could result in a negative result upon applying the >> operator, leading to an infinite loop. The issue is patched in version 1.0.4. If upgrading is not an option, the issue can be mitigated by validating inputs to Asn1Integer t... • https://github.com/ApelegHQ/ts-asn1-der/commit/b2bc9032cbe19755d234a27d79e47a7e52993af8 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') CWE-1335: Incorrect Bitwise Shift of Integer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30195 – A crafted zone can lead to an illegal memory access in the PowerDNS Recursor
https://notcve.org/view.php?id=CVE-2025-30195
07 Apr 2025 — Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. • https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-01.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21448 – Buffer Over-read in WLAN Firmware
https://notcve.org/view.php?id=CVE-2025-21448
07 Apr 2025 — Transient DOS may occur while parsing SSID in action frames. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-21435 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2025-21435
07 Apr 2025 — Transient DOS may occur while parsing extended IE in beacon. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21434 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2025-21434
07 Apr 2025 — Transient DOS may occur while parsing EHT operation IE or EHT capability IE. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2025-21430 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2025-21430
07 Apr 2025 — Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •