Page 2 of 50673 results (0.031 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

02 Jun 2025 — This could lead to local denial of service with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

02 Jun 2025 — This could lead to local denial of service with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2025 • CWE-476: NULL Pointer Dereference •

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1

01 Jun 2025 — This vulnerability affects unknown code of the file /search.php of the component GET Parameter Handler. The manipulation of the argument Search leads to denial of service. ... Mittels dem Manipulieren des Arguments Search mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/rllvusgnzm98/Report/blob/main/blogbook/BlogBook%20search.php%20search%20Parameter%20SQL%20Injection.md • CWE-404: Improper Resource Shutdown or Release •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

30 May 2025 — These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. • https://github.com/vllm-project/vllm/pull/17623 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

30 May 2025 — Version 0.8.0 up to but excluding 0.9.0 have a Denial of Service (ReDoS) that causes the vLLM server to crash if an invalid regex was provided while using structured output. This vulnerability is similar to GHSA-6qc9-v4r8-22xg/CVE-2025-48942, but for regex instead of a JSON schema. • https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff • CWE-248: Uncaught Exception •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

30 May 2025 — This vulnerability is similar GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex instead of a JSON schema. • https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff • CWE-248: Uncaught Exception •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

30 May 2025 — vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file `vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py` of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an attacker to cause severe performance degradation or make the service unavailable. • https://github.com/vllm-project/vllm/commit/4fc1bf813ad80172c1db31264beaef7d93fe0601 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

30 May 2025 — Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. ... While attackers can't read these copied files, they can cause DoS by copying large files (like /dev/urandom) to fill disk space. • https://github.com/gradio-app/gradio/security/advisories/GHSA-8jw3-6x8j-v96g • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0

29 May 2025 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. • https://www.ibm.com/support/pages/node/7235069 • CWE-121: Stack-based Buffer Overflow •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

29 May 2025 — IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.1 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query. • https://www.ibm.com/support/pages/node/7235072 • CWE-789: Memory Allocation with Excessive Size Value •