CVSS: 5.9EPSS: 42%CPEs: 11EXPL: 4CVE-2025-26466 – Openssh: denial-of-service in openssh
https://notcve.org/view.php?id=CVE-2025-26466
18 Feb 2025 — A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack. ssh(1) contains a logic error that allows an on-path attac... • https://github.com/rxerium/CVE-2025-26466 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2024-12243 – Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos
https://notcve.org/view.php?id=CVE-2024-12243
10 Feb 2025 — A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. Bing Shi discovered that GnuTLS incorrectly handled decoding certain DER-encoded certificates. A remote at... • https://access.redhat.com/security/cve/CVE-2024-12243 • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2024-12133 – Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos
https://notcve.org/view.php?id=CVE-2024-12133
10 Feb 2025 — A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack. USN-7275-1 fixed vulnerabilities in Libtasn1. This update provides the corresponding updates for Ubuntu 24.04 LTS. • https://access.redhat.com/security/cve/CVE-2024-12133 • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0977
https://notcve.org/view.php?id=CVE-2025-0977
06 Feb 2025 — Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. This includes a fix for [RUSTSEC-2025-0004](https://rustsec.org/advisories/RUSTSEC-2025-0004.html) / CVE-2025-0977 and rebuilds of all packages that statically link the openssl crate. •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2024-57392 – SUSE Security Advisory - SUSE-SU-2025:1028-1
https://notcve.org/view.php?id=CVE-2024-57392
06 Feb 2025 — Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port. An update that fixes two vulnerabilities is now available. This update for proftpd fixes the following issues. Null pointer dereference vulnerability by sending a maliciously crafted message. Supplemental group inheritance grants unintended access to GID 0. • https://github.com/Br1m4zz/protocol_vul_repoduce.git • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2025-0825 – CRLF injection in Cpp-httplib
https://notcve.org/view.php?id=CVE-2025-0825
04 Feb 2025 — cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters ("\r\n") when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more. • https://github.com/yhirose/cpp-httplib/commit/9c36aae4b73e2b6e493f4133e4173103c9266289 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2025-24162 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2025-24162
27 Jan 2025 — This issue was addressed through improved state management. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing maliciously crafted web content may lead to an unexpected process crash. A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management. • https://support.apple.com/en-us/122066 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2025-24158 – webkitgtk: Processing web content may lead to a denial-of-service
https://notcve.org/view.php?id=CVE-2025-24158
27 Jan 2025 — The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Processing web content may lead to a denial-of-service. A flaw was found in WebKitGTK. Processing malicious web content can cause a denial of service due to improper memory handling. • https://support.apple.com/en-us/122066 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 29EXPL: 0CVE-2024-11218 – Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile
https://notcve.org/view.php?id=CVE-2024-11218
22 Jan 2025 — A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host. This update for podman fixes the following issues. Github.com/containers/storage: Fixed symlink traversal vulnerability in the containers/storage library can cause Denial of Service Load ip_tables and ip6_tab... • https://access.redhat.com/security/cve/CVE-2024-11218 • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 5%CPEs: 16EXPL: 2CVE-2024-12084 – Rsync: heap buffer overflow in rsync due to improper checksum length handling
https://notcve.org/view.php?id=CVE-2024-12084
15 Jan 2025 — A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. • https://github.com/themirze/cve-2024-12084 • CWE-122: Heap-based Buffer Overflow •