CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10714 – Denial of Service in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-10714
20 Mar 2025 — A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a multipart boundary during file upload. • https://huntr.com/bounties/3e25b76c-714f-4948-8f5a-0ec9a6500068 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11173 – Unhandled Exception in danny-avila/librechat
https://notcve.org/view.php?id=CVE-2024-11173
20 Mar 2025 — An unhandled exception in the danny-avila/librechat repository, version git 600d217, can cause the server to crash, leading to a full denial of service. • https://github.com/danny-avila/librechat/commit/95a212534f1c5991bd1231a34ac3668b4b592cc3 • CWE-248: Uncaught Exception •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12391 – Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-12391
20 Mar 2025 — A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. ... Certain regular expressions can cause the Python RE engine to take exponential time to execute, leading to a Denial of Service (DoS) condition. An attacker who controls both the regular expression and the search string can exploit this vulnerability to hang the server for an arbitrary amount of time. • https://huntr.com/bounties/70b3f4f0-6b1b-4563-a18c-fe46502e6ba0 • CWE-183: Permissive List of Allowed Inputs •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8018 – Denial of Service (DOS) in imartinez/privategpt
https://notcve.org/view.php?id=CVE-2024-8018
20 Mar 2025 — A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process these characters, rendering privateGPT inaccessible. This uncontrolled resource consumption can lead to prolonged unavailability of the service, disrupting operations and causing potential data inaccessibility and lo... • https://huntr.com/bounties/0661fa3b-bea4-4156-abed-a65d51958505 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11033 – Denial of Service (DoS) in binary-husky/gpt_academic
https://notcve.org/view.php?id=CVE-2024-11033
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of binary-husky/gpt_academic version 3.83. • https://huntr.com/bounties/78afc15c-7db7-42fe-90f5-a0480a2ec222 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8789 – Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary
https://notcve.org/view.php?id=CVE-2024-8789
20 Mar 2025 — Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. ... Certain regular expressions can have exponential runtime complexity relative to the input size, leading to potential denial of service. • https://github.com/lunary-ai/lunary/commit/7ff89b0304d191534b924cf063f3648206d497fa • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12868 – Denial of Service through Memory Exhaustion in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-12868
20 Mar 2025 — The starlette package versions <=0.49 are susceptible to uncontrolled resource consumption, which can be exploited to cause a denial of service through memory exhaustion. • https://huntr.com/bounties/56175583-70e3-4d53-94de-3f3a8e2423ec • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-11171 – Improper Input Validation in danny-avila/librechat
https://notcve.org/view.php?id=CVE-2024-11171
20 Mar 2025 — An attacker without any privileges can exploit this vulnerability to cause a complete denial of service. • https://github.com/danny-avila/librechat/commit/bb58a2d0662ef86dc75a9d2f6560125c018e3836 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10907 – Denial of Service (DoS) via Multipart Boundary in lm-sys/fastchat
https://notcve.org/view.php?id=CVE-2024-10907
20 Mar 2025 — Each extra character is processed in an infinite loop, leading to excessive resource consumption and a complete denial of service (DoS) for all users. • https://huntr.com/bounties/bf3ca81d-3508-4455-95d9-0b653e46d6e4 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-11045 – Cross-Site WebSocket Hijacking (CSWSH) in automatic1111/stable-diffusion-webui
https://notcve.org/view.php?id=CVE-2024-11045
20 Mar 2025 — This can lead to unauthorized cloning of server extensions, execution of malicious scripts, data exfiltration, and potential denial of service (DoS). • https://huntr.com/bounties/b7ed0d87-0be5-4526-9b21-ffe0d39c283e • CWE-284: Improper Access Control •