CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-2614 – Allocation of Resources Without Limits or Throttling in GitLab
https://notcve.org/view.php?id=CVE-2025-2614
13 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resources when processed. • https://gitlab.com/gitlab-org/gitlab/-/issues/526349 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2025-2937 – Inefficient Regular Expression Complexity in GitLab
https://notcve.org/view.php?id=CVE-2025-2937
13 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted markdown payloads to the Wiki feature. • https://gitlab.com/gitlab-org/gitlab/-/issues/528995 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-23294
https://notcve.org/view.php?id=CVE-2025-23294
13 Aug 2025 — A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service. • https://nvd.nist.gov/vuln/detail/CVE-2025-23294 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 10EXPL: 0CVE-2025-54500 – HTTP/2 Vulnerability
https://notcve.org/view.php?id=CVE-2025-54500
13 Aug 2025 — An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack). • https://my.f5.com/manage/s/article/K000152001 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-55160 – ImageMagick Undefined Behavior (function-type-mismatch) in CloneSplayTree
https://notcve.org/view.php?id=CVE-2025-55160
13 Aug 2025 — This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. • https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x • CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-48989 – Apache Tomcat: h2 DoS - Made You Reset
https://notcve.org/view.php?id=CVE-2025-48989
13 Aug 2025 — While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS). ... Issues addressed include a denial of service vulnerability. • https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-8671 – CVE-2025-8671
https://notcve.org/view.php?id=CVE-2025-8671
13 Aug 2025 — A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). • https://galbarnahum.com/made-you-reset • CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-8916 – Possible DOS in processing large name constraint structures in PKIXCertPathReveiwer
https://notcve.org/view.php?id=CVE-2025-8916
13 Aug 2025 — Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/... • https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.7EPSS: 0%CPEs: -EXPL: 1CVE-2025-8761 – INSTAR 2K+/4K Backend IPC Server denial of service
https://notcve.org/view.php?id=CVE-2025-8761
13 Aug 2025 — The manipulation leads to denial of service. ... Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. • https://modzero.com/static/MZ-25-03_modzero_INSTAR.pdf • CWE-404: Improper Resource Shutdown or Release •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-8882 – Debian Security Advisory 5976-1
https://notcve.org/view.php?id=CVE-2025-8882
13 Aug 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html • CWE-416: Use After Free •