CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29910 – CryptoLib's crypto_handle_incrementing_nontransmitted_counter Function has Memory Leak
https://notcve.org/view.php?id=CVE-2025-29910
17 Mar 2025 — This issue can lead to resource exhaustion, reduced system performance, and potentially a Denial of Service (DoS) in environments where CryptoLib is used in long-running processes or with large volumes of data. ... Este problema puede provocar el agotamiento de recursos, la reducción del rendimiento del sistema y, potencialmente, una denegación de servicio (DoS) en entornos donde CryptoLib se utiliza en procesos de larga duración o con grandes volúmenes de datos. • https://github.com/nasa/CryptoLib/security/advisories/GHSA-p38w-p2r8-g6g5 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29909 – CryptoLib's Crypto_TC_ApplySecurity() Has a Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2025-29909
17 Mar 2025 — This can result in denial of service (DoS) or, under certain conditions, remote code execution (RCE). ... Esto puede provocar una denegación de servicio (DoS) o, en determinadas circunstancias, la ejecución remota de código (RCE). • https://github.com/nasa/CryptoLib/commit/c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-44866
https://notcve.org/view.php?id=CVE-2024-44866
17 Mar 2025 — A buffer overflow in the GuitarPro1::read function of MuseScore Studio v4.3.2 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via opening a crafted GuitarPro file. • https://github.com/moonadon9/CVE_2024 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1057 – Keylime: keylime registrar dos due to incompatible database entry handling
https://notcve.org/view.php?id=CVE-2025-1057
15 Mar 2025 — A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail. • https://access.redhat.com/security/cve/CVE-2025-1057 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-2295 – Potential iSCSI R2T PDU Vulnerability
https://notcve.org/view.php?id=CVE-2025-2295
14 Mar 2025 — A successful exploitation of this vulnerability may lead to denial of service. • https://github.com/tianocore/edk2/security/advisories/GHSA-8522-69fh-w74x • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-2268 – HP LaserJet MFP M232-M237 Printer Series - Potential Denial of Service
https://notcve.org/view.php?id=CVE-2025-2268
14 Mar 2025 — The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). • https://support.hp.com/us-en/document/ish_12114154-12114176-16/hpsbpi04013 • CWE-241: Improper Handling of Unexpected Data Type •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. ... If a user or automated system were tricked into processing specially crafted XML input, an attacker could use this issue to cause a denial of service. • https://access.redhat.com/security/cve/CVE-2024-8176 • CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24855 – libxslt: Use-After-Free in libxslt numbers.c
https://notcve.org/view.php?id=CVE-2025-24855
14 Mar 2025 — A remote attacker could use this issue to cause Libxslt to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://gitlab.gnome.org/GNOME/libxslt/-/issues/128 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2284 – Santesoft Sante PACS Server Access of Uninitialized Pointer DoS
https://notcve.org/view.php?id=CVE-2025-2284
13 Mar 2025 — A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe". • https://www.tenable.com/security/research/tra-2025-08 • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-1257 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-1257
13 Mar 2025 — A vulnerability in certain GitLab instances could allow an attacker to cause a denial of service condition by manipulating specific API inputs. • https://gitlab.com/gitlab-org/gitlab/-/issues/519348 • CWE-770: Allocation of Resources Without Limits or Throttling •