CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-10648 – Path Traversal in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2024-10648
20 Mar 2025 — By manipulating the output format, an attacker can reset any file to an empty file, causing a denial of service (DOS) on the server. • https://huntr.com/bounties/667d664d-8189-458c-8ed7-483fe8f33c76 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12074 – Denial of Service in automatic1111/stable-diffusion-webui
https://notcve.org/view.php?id=CVE-2024-12074
20 Mar 2025 — A Denial of Service (DoS) vulnerability was discovered in the file upload feature of automatic1111/stable-diffusion-webui version 1.10.0. • https://huntr.com/bounties/6b44bfc2-31a7-4fe9-86fb-072c90a23642 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8062 – Denial of Service in h2oai/h2o-3
https://notcve.org/view.php?id=CVE-2024-8062
20 Mar 2025 — A vulnerability in the typeahead endpoint of h2oai/h2o-3 version 3.46.0 allows for a denial of service. • https://huntr.com/bounties/a04190d9-4acb-449a-9a7f-f1bf6be1ed23 • CWE-1088: Synchronous Access of Remote Resource without Timeout •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8998 – Regular Expression Denial of Service (ReDoS) in lunary-ai/lunary
https://notcve.org/view.php?id=CVE-2024-8998
20 Mar 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version git f07a845. • https://github.com/lunary-ai/lunary/commit/f2bfa036caf2c48686474f4560a9c5abcf5f43b7 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-8966 – Denial of Service in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2024-8966
20 Mar 2025 — A vulnerability in the file upload process of gradio-app/gradio version @gradio/video@0.10.2 allows for a Denial of Service (DoS) attack. • https://huntr.com/bounties/7b5932bb-58d1-4e71-b85c-43dc40522ff2 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2025-0453 – Denial of Service through Batched Queries in GraphQL in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2025-0453
20 Mar 2025 — In mlflow/mlflow version 2.17.2, the `/graphql` endpoint is vulnerable to a denial of service attack. • https://huntr.com/bounties/788327ec-714a-4d5c-83aa-8df04dd7612b • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10955 – ReDoS (Regular Expression Denial of Service) in gaizhenbiao/chuanhuchatgpt
https://notcve.org/view.php?id=CVE-2024-10955
20 Mar 2025 — A Regular Expression Denial of Service (ReDoS) vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. ... This can lead to a Denial of Service (DoS) condition, potentially affecting the entire server. • https://huntr.com/bounties/8291f8d0-5060-47e7-9986-1f411310fb7b • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10912 – Denial of Service in lm-sys/fastchat
https://notcve.org/view.php?id=CVE-2024-10912
20 Mar 2025 — A Denial of Service (DoS) vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. • https://huntr.com/bounties/52f335b8-1134-4d0f-acb4-efef516de414 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-10569 – Zip Bomb Vulnerability in gradio-app/gradio
https://notcve.org/view.php?id=CVE-2024-10569
20 Mar 2025 — An attacker can exploit this by uploading a maliciously crafted zip bomb, leading to a server crash and causing a denial of service. • https://huntr.com/bounties/7192bcbb-08a3-4d22-a321-9c6d19dbfc74 • CWE-475: Undefined Behavior for Input to API •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-12759 – Denial of Service (DoS) via Multipart Boundary in bentoml/bentoml
https://notcve.org/view.php?id=CVE-2024-12759
20 Mar 2025 — In bentoml/bentoml version 1.3.9, the `/login` endpoint of the newly integrated Gradio app is vulnerable to a Denial of Service (DoS) attack. • https://huntr.com/bounties/e467ec92-0ad1-4461-8468-1beabf701b9f • CWE-400: Uncontrolled Resource Consumption •