CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24264 – Apple Security Advisory 04-01-2025-1
https://notcve.org/view.php?id=CVE-2025-24264
31 Mar 2025 — Processing maliciously crafted web content may lead to an unexpected Safari crash. ajajfxhj discovered that processing web content may lead to a denial-of-service. • https://support.apple.com/en-us/122371 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24199 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24199
31 Mar 2025 — An app may be able to cause a denial-of-service. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24208 – webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
https://notcve.org/view.php?id=CVE-2025-24208
31 Mar 2025 — Loading a malicious iframe can cause a cross-site scripting attack due to permissions issues. ajajfxhj discovered that processing web content may lead to a denial-of-service. • https://support.apple.com/en-us/122371 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24260 – Apple Security Advisory 03-31-2025-9
https://notcve.org/view.php?id=CVE-2025-24260
31 Mar 2025 — An attacker in a privileged position may be able to perform a denial-of-service. macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities. • https://support.apple.com/en-us/122373 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-24216 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-24216
31 Mar 2025 — Processing malicious web content can cause an unexpected process crash due to improper memory handling. ajajfxhj discovered that processing web content may lead to a denial-of-service. • https://support.apple.com/en-us/122371 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-508: Non-Replicating Malicious Code •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-29908 – Netty QUIC hash collision DoS attack
https://notcve.org/view.php?id=CVE-2025-29908
31 Mar 2025 — A hash collision vulnerability (in the hash map used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). • https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2794 – Kentico Xperience Staging Unsafe Reflection Kentico Xperience
https://notcve.org/view.php?id=CVE-2025-2794
31 Mar 2025 — An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading to a Denial-of-Service condition. • https://devnet.kentico.com/download/hotfixes • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-2402 – Hard-coded password for object store of KNIME Business Hub
https://notcve.org/view.php?id=CVE-2025-2402
31 Mar 2025 — It is also possible to cause a denial-of-service of most functionality of KNIME Business Hub by writing large amounts of data to the object store directly. • https://www.knime.com/security/advisories#CVE-2025-2402 • CWE-259: Use of Hard-coded Password •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2958 – TRENDnet TEW-818DRU HTTP Request httpd denial of service
https://notcve.org/view.php?id=CVE-2025-2958
30 Mar 2025 — The manipulation leads to denial of service. ... Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.302011 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 4.8EPSS: 0%CPEs: -EXPL: 1CVE-2025-2953 – PyTorch torch.mkldnn_max_pool2d denial of service
https://notcve.org/view.php?id=CVE-2025-2953
30 Mar 2025 — The manipulation leads to denial of service. ... Dank Manipulation mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://github.com/pytorch/pytorch/issues/149274 • CWE-404: Improper Resource Shutdown or Release •