CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24002 – MQTT DoS Vulnerability in German EV Charging Stations
https://notcve.org/view.php?id=CVE-2025-24002
08 Jul 2025 — An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog. • https://certvde.com/en/advisories/VDE-2025-014 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-20695
https://notcve.org/view.php?id=CVE-2025-20695
08 Jul 2025 — This could lead to remote denial of service with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-124: Buffer Underwrite ('Buffer Underflow') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-20694
https://notcve.org/view.php?id=CVE-2025-20694
08 Jul 2025 — This could lead to remote denial of service with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-124: Buffer Underwrite ('Buffer Underflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20687
https://notcve.org/view.php?id=CVE-2025-20687
08 Jul 2025 — This could lead to local denial of service with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 17EXPL: 0CVE-2025-42954 – Denial of service (DOS) in SAP NetWeaver Business Warehouse (CCAW application)
https://notcve.org/view.php?id=CVE-2025-42954
08 Jul 2025 — SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in reduced performance or interrupted operation of the affected resource. This leads to low impact on availability of the application, there is no impact on confidentiality and integrity. • https://me.sap.com/notes/3608156 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2025-20322 – Denial of Service (DoS) in Search Head Cluster through Cross-Site Request Forgery (CSRF) in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2025-20322
07 Jul 2025 — In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.104, 9.3.2408.113, and 9.2.2406.119, an unauthenticated attacker could send a specially-crafted SPL search command that could trigger a rolling restart in the Search Head Cluster through a Cross-Site Request Forgery (CSRF), potentially leading to a denial of service (DoS).<br><br>The vulnerability requires the attacker to phish the administrator-lev... • https://advisory.splunk.com/advisories/SVD-2025-0705 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-20320 – Denial of Service (DoS) through “User Interface - Views“ configuration page in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2025-20320
07 Jul 2025 — In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `User Interface - Views` configuration page that could potentially lead to a denial of service (DoS).The user could cause the DoS by exploiting a path traversal vulnerabilit... • https://advisory.splunk.com/advisories/SVD-2025-0703 • CWE-35: Path Traversal: '.../ •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-53531 – WeGIA allows Uncontrolled Resource Consumption via the fid parameter
https://notcve.org/view.php?id=CVE-2025-53531
07 Jul 2025 — This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0. ... Esto hace que el servidor sea susceptible a ataques de denegación de servicio (DoS). Esta vulnerabilidad se corrigió en la versión 3.3.0. • https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-4ffc-f23j-54m3 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-53530 – WeGIA allows Uncontrolled Resource Consumption via the errorstr parameter
https://notcve.org/view.php?id=CVE-2025-53530
07 Jul 2025 — This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0. ... Esto hace que el servidor sea susceptible a ataques de denegación de servicio (DoS). Esta vulnerabilidad se corrigió en la versión 3.3.0. • https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-562r-xgj9-2r7p • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7259 – Certain Queries with Duplicate _id Fields May Cause MongoDB Server to Crash
https://notcve.org/view.php?id=CVE-2025-7259
07 Jul 2025 — This issue can only be triggered by authorized users and cause Denial of Service. • https://jira.mongodb.org/browse/SERVER-102693 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •