CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7779 – ReDoS (Regular Expression Denial of Service) in danswer-ai/danswer
https://notcve.org/view.php?id=CVE-2024-7779
20 Mar 2025 — A vulnerability in danswer-ai/danswer version 1 allows an attacker to perform a Regular Expression Denial of Service (ReDoS) by manipulating regular expressions. • https://huntr.com/bounties/829f7d9f-8755-4362-bd40-801e4690dcdc • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-9340 – Denial of Service (DoS) via Multipart Boundary in zenml-io/zenml
https://notcve.org/view.php?id=CVE-2024-9340
20 Mar 2025 — A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundary processing mechanism leads to an infinite loop, resulting in a complete denial of service for all users. • https://github.com/zenml-io/zenml/commit/cba152eb9ca3071c8372b0b91c02d9d3351de48d • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7771 – Denial of Service in mintplex-labs/anything-llm
https://notcve.org/view.php?id=CVE-2024-7771
20 Mar 2025 — A vulnerability in the Dockerized version of mintplex-labs/anything-llm (latest, digest 1d9452da2b92) allows for a denial of service. • https://github.com/mintplex-labs/anything-llm/commit/dd017c6cbbf42abdef7861a66558c53b66424d07 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0190 – Denial of Service in aimhubio/aim
https://notcve.org/view.php?id=CVE-2025-0190
20 Mar 2025 — In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. ... This vulnerability can be exploited repeatedly, leading to a complete denial of service. • https://huntr.com/bounties/38d151f1-abb4-443a-86b0-6c26f0c6cb70 • CWE-1049: Excessive Data Query Operations in a Large Data Table •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12055 – DoS using malicious gguf model file in ollama/ollama
https://notcve.org/view.php?id=CVE-2024-12055
20 Mar 2025 — When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an out-of-bounds read in the gguf.go file. • https://huntr.com/bounties/7b111d55-8215-4727-8807-c5ed4cf1bfbe • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10713 – Denial of Service (DoS) via Multipart Request in szad670401/hyperlpr
https://notcve.org/view.php?id=CVE-2024-10713
20 Mar 2025 — A vulnerability in szad670401/hyperlpr v3.0 allows for a Denial of Service (DoS) attack. The server fails to handle excessive characters appended to the end of multipart boundaries, regardless of the character used. This flaw can be exploited by sending malformed multipart requests with arbitrary characters at the end of the boundary, leading to excessive resource consumption and a complete denial of service for all users. • https://huntr.com/bounties/d5404069-95b3-40e0-a7a4-c3a183d861b0 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7765 – Denial of Service in h2oai/h2o-3
https://notcve.org/view.php?id=CVE-2024-7765
20 Mar 2025 — In h2oai/h2o-3 version 3.46.0.2, a vulnerability exists where uploading and repeatedly parsing a large GZIP file can cause a denial of service. • https://huntr.com/bounties/0e58b1a5-bdca-4e60-af92-09de9c76a9ff • CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-29217
https://notcve.org/view.php?id=CVE-2025-29217
20 Mar 2025 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • http://w18e.com • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-29218
https://notcve.org/view.php?id=CVE-2025-29218
20 Mar 2025 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. • https://gist.github.com/isstabber/a03c9dc3e89d5cf3b9e46dbef1ee5bf1 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27787 – Applio allows a DoS in restart.py
https://notcve.org/view.php?id=CVE-2025-27787
19 Mar 2025 — Versions 3.2.8-bugfix and prior are vulnerable to denial of service (DoS) in restart.py. ... Since an attacker can't know what process is running on which process ID, they can send a list of hundreds of process IDs, which can kill the process that applio is using to run, as well as other, potentially important processes, which leads to DoS. Note that constructing a path with user input also enables path traversal. • https://github.com/IAHispano/Applio/blob/29b4a00e4be209f9aac51cd9ccffcc632dfb2973/tabs/settings/sections/restart.py#L9 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •