CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27834 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27834
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708253 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27835 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27835
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708131 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27836 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27836
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708192 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-30118
https://notcve.org/view.php?id=CVE-2025-30118
25 Mar 2025 — It has Susceptibility to denial of service. • https://github.com/geo-chen/Audi/blob/main/README.md#finding-1---cve-2025-30118-audi-utr-susceptibility-to-dos • CWE-798: Use of Hard-coded Credentials •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2025-24513 – ingress-nginx controller - auth secret file path traversal vulnerability
https://notcve.org/view.php?id=CVE-2025-24513
24 Mar 2025 — This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster. • https://packetstorm.news/files/id/190070 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1558 – Denial of Service Via Malicious GIF
https://notcve.org/view.php?id=CVE-2025-1558
24 Mar 2025 — Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF. • https://mattermost.com/security-updates • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29313
https://notcve.org/view.php?id=CVE-2025-29313
24 Mar 2025 — Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining (SFC) Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service (DoS). • https://blog.csdn.net/weixin_43959580/article/details/146018191 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-30204 – jwt-go allows excessive memory allocation during header parsing
https://notcve.org/view.php?id=CVE-2025-30204
21 Mar 2025 — golang-jwt is a Go implementation of JSON Web Tokens. ... As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. ... A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malici... • https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-54551
https://notcve.org/view.php?id=CVE-2024-54551
20 Mar 2025 — Processing web content may lead to a denial-of-service. • https://support.apple.com/en-us/120909 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30160 – Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form
https://notcve.org/view.php?id=CVE-2025-30160
20 Mar 2025 — A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service (DOS) condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restore_preferences form. • https://github.com/redlib-org/redlib/commit/15147cea8e42f6569a11603d661d71122f6a02dc • CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data •