CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29909 – CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-29909
17 Mar 2025 — This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). ... Esto puede provocar una denegación de servicio (DoS) o, en determinadas circunstancias, la ejecución remota de código (RCE). • https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44866
https://notcve.org/view.php?id=CVE-2024-44866
17 Mar 2025 — A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file. • https://github.com/moonadon9/CVE_2024 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1057 – Keylime: keylime registrar dos due to incompatible database entry handling
https://notcve.org/view.php?id=CVE-2025-1057
15 Mar 2025 — A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail. • https://access.redhat.com/security/cve/CVE-2025-1057 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-2295 – Potential iSCSI R2T PDU Vulnerability
https://notcve.org/view.php?id=CVE-2025-2295
14 Mar 2025 — A successful exploitation of this vulnerability may lead to denial of service. • https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-2268 – HP LaserJet MFP M232-M237 Printer Series - Potential Denial of Service
https://notcve.org/view.php?id=CVE-2025-2268
14 Mar 2025 — The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). • https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. • https://access.redhat.com/security/cve/CVE-2024-8176 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24855 – libxslt: Use-After-Free in libxslt numbers.c
https://notcve.org/view.php?id=CVE-2025-24855
14 Mar 2025 — A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://gitlab.gnome.org/GNOME/libxslt/-/issues/128 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2284 – Santesoft Sante PACS Server Access of Uninitialized Pointer DoS
https://notcve.org/view.php?id=CVE-2025-2284
13 Mar 2025 — A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe". • https://www.tenable.com/security/research/tra-2025-08 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-1257 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-1257
13 Mar 2025 — A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition by manipulating specific API inputs. • https://gitlab.com/gitlab-org/gitlab/-/issues/519348 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2024-13054 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2024-13054
13 Mar 2025 — An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions. • https://gitlab.com/gitlab-org/gitlab/-/issues/511004 • CWE-770: Allocation of Resources Without Limits or Throttling •