CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21579
https://notcve.org/view.php?id=CVE-2025-21579
15 Apr 2025 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21577
https://notcve.org/view.php?id=CVE-2025-21577
15 Apr 2025 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21575
https://notcve.org/view.php?id=CVE-2025-21575
15 Apr 2025 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-21574
https://notcve.org/view.php?id=CVE-2025-21574
15 Apr 2025 — Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-21573
https://notcve.org/view.php?id=CVE-2025-21573
15 Apr 2025 — Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Revenue Management and Billing accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Revenue Management and Billing accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Financial Services Revenue Management and Billing. • https://www.oracle.com/security-alerts/cpuapr2025.html • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32012 – Jellyfin Vulnerable to Denial of Service (DoS) via IP Spoofing
https://notcve.org/view.php?id=CVE-2025-32012
15 Apr 2025 — This means that an unauthenticated attacker could mount a denial-of-service attack on any default-configured Jellyfin server by simply sending the same spoofed request every few seconds to restart the server over and over. This method of IP spoofing also bypasses some security mechanisms, cause a denial-of-service attack, and possible bypass the admin restart requirement if combined with remote code execution. • https://github.com/jellyfin/jellyfin/commit/f625665cb116a7e3feb8b79aaf1ed39a956e0585 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-42189 – HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack
https://notcve.org/view.php?id=CVE-2024-42189
15 Apr 2025 — HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially weak validation of an API parameter. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120585 • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3618 – Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-3618
15 Apr 2025 — A denial-of-service vulnerability exists in the Rockwell Automation ThinManager. ... If exploited, a threat actor could cause a denial-of-service on the target software. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1727.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-32948 – PeerTube ActivityPub Playlist Creation Blind SSRF and DoS
https://notcve.org/view.php?id=CVE-2025-32948
15 Apr 2025 — By abusing the "Create Activity" functionality, it is possible to create crafted playlists which will cause either denial of service or an attacker-controlled blind SSRF. ... By abusing the "Create Activity" functionality, it is possible to create crafted playlists which will cause either denial of service or an attacker-controlled blind SSRF. • https://research.jfrog.com/vulnerabilities/peertube-activitypub-playlist-creation-blind-ssrf-dos • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-32947 – PeerTube ActivityPub Crawl Infinite Loop DoS
https://notcve.org/view.php?id=CVE-2025-32947
15 Apr 2025 — This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities. This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities. • https://research.jfrog.com/vulnerabilities/peertube-activitypub-crawl-dos • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •