CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1558 – Denial of Service Via Malicious GIF
https://notcve.org/view.php?id=CVE-2025-1558
24 Mar 2025 — Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering which allows a malicious user to cause the Android application to crash via message containing a maliciously crafted GIF. • https://mattermost.com/security-updates • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29313
https://notcve.org/view.php?id=CVE-2025-29313
24 Mar 2025 — Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining (SFC) Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service (DoS). • https://blog.csdn.net/weixin_43959580/article/details/146018191 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-30204 – jwt-go allows excessive memory allocation during header parsing
https://notcve.org/view.php?id=CVE-2025-30204
21 Mar 2025 — This issue can cause significant performance degradation or an application crash, leading to a denial of service. • https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 • CWE-405: Asymmetric Resource Consumption (Amplification) •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-54551
https://notcve.org/view.php?id=CVE-2024-54551
20 Mar 2025 — Processing web content may lead to a denial-of-service. • https://support.apple.com/en-us/120909 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30160 – Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form
https://notcve.org/view.php?id=CVE-2025-30160
20 Mar 2025 — A vulnerability has been identified in Redlib where an attacker can cause a denial-of-service (DOS) condition by submitting a specially crafted base2048-encoded DEFLATE decompression bomb to the restore_preferences form. • https://github.com/redlib-org/redlib/commit/15147cea8e42f6569a11603d661d71122f6a02dc • CWE-400: Uncontrolled Resource Consumption CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12063 – Denial of Service in imartinez/privategpt
https://notcve.org/view.php?id=CVE-2024-12063
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. • https://huntr.com/bounties/7db0091f-cb53-4cde-aad7-7ce491dfd8d9 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10549 – Denial of Service by ReDOS in h2oai/h2o-3
https://notcve.org/view.php?id=CVE-2024-10549
20 Mar 2025 — A vulnerability in the `/3/Parse` endpoint of h2oai/h2o-3 version 3.46.0.1 allows for a denial of service (DoS) attack. The endpoint uses a user-specified string to construct a regular expression, which is then applied to another user-specified string. By sending multiple simultaneous requests, an attacker can exhaust all available threads, leading to a complete denial of service. • https://huntr.com/bounties/ce7bd2d6-fd38-440d-a91a-dd8f3fc06bc2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10650 – Denial of Service (DoS) in gaizhenbiao/chuanhuchatgpt
https://notcve.org/view.php?id=CVE-2024-10650
20 Mar 2025 — An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payloads using a multipart boundary. ... This can cause the system to continuously process these characters, resulting in prolonged unavailability of the service. • https://huntr.com/bounties/f820371d-a878-44bf-b1fd-2d837dd58eb4 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-8736 – Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-8736
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). ... By appending additional characters to the multipart boundary, an attacker can cause the server to parse each byte of the boundary, ultimately leading to service unavailability. • https://huntr.com/bounties/935dbc03-1b43-4dbb-b6cd-1aa95a789d4f • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12070 – Denial of Service in haotian-liu/llava
https://notcve.org/view.php?id=CVE-2024-12070
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of haotian-liu/llava, specifically in Release v1.2.0 (LLaVA-1.6). • https://huntr.com/bounties/8adac028-21c5-41ba-b785-b03066c0b2a6 • CWE-400: Uncontrolled Resource Consumption •